Merge branch 'staging' into optimize_by_comments

.github/contributing.md

@@ -1,10 +1,10 @@
 ## Code and testing requirements:
- - The tool is developed using Microsoft C# language and .NET framework version 4.5 (WPF application). 
+ - The tool is developed using Microsoft C# language and .NET framework version 4.5 (WPF application).
  - The project solution file is configured for Microsoft Visual Studio 2012 (C# v5).
  - Do not add new external libraries or any 3rd party code (open source or commercial).
- - The code will be implemented with high quality standards. It should be designed well, refactored for easy reuse and easy maintenance, efficient as possible, readable and well documented. 
+ - The code will be implemented with high quality standards. It should be designed well, refactored for easy reuse and easy maintenance, efficient as possible, readable and well documented.
  - Verify functionality and correctness of the tool, including end-to-end testing & QA.
- 
+
 ## Committing code to GitHub:
  - Commit/PR name needs to be meaningful and explain the change and not the issue it solves. For example: User is suffering from failure   due to host name collision – commit name would be: “Handle host creation in case of name duplications”.
  - Commit/PR description needs to contain more details about the issue and the solution.

.gitignore

@@ -1,4 +1,4 @@
-
+build.bat
 SmartMove/SmartConnector/*.pyc
 SmartMove/SmartConnector/.idea
 SmartMove/compressors/*.exe

.pre-commit-config.yaml

@@ -0,0 +1,26 @@
+repos:
+-   repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.3.0
+    hooks:
+    -   id: trailing-whitespace
+    -   id: mixed-line-ending
+    -   id: check-merge-conflict
+    -   id: check-case-conflict
+    -   id: check-ast
+    -   id: check-docstring-first
+    -   id: end-of-file-fixer
+    -   id: check-builtin-literals
+    -   id: debug-statements
+    -   id: forbid-new-submodules
+-   repo: https://github.com/asottile/pyupgrade
+    rev: v3.1.0
+    hooks:
+    -   id: pyupgrade
+        args: [--py37-plus]
+-   repo: https://github.com/zricethezav/gitleaks
+    rev: v7.6.1
+    hooks:
+    -   id: gitleaks
+        name: Detect hardcoded secrets
+        description: Detect hardcoded secrets using Gitleaks
+        args: [--debug, --verbose, --repo-url, .]

CheckPointObjects/CP_KnownServiceGroups.csv

@@ -49,4 +49,4 @@
 "time"
 "Trojan_Services"
 "Yahoo_Messenger"
-"Mail"
+"Mail"

CheckPointObjects/CheckPointObjects.cs

@@ -202,7 +202,7 @@ public class CheckPoint_Domain : CheckPointObject
         public override string ToCLIScript()
         {
             return "add dns-domain " + WriteParam("name", SafeName(), "") + WriteParam("comments", Comments, "")
-                + WriteParam("is-sub-domain", IsSubDomain, !IsSubDomain) //"is-sub-domain" is a required field by documentation 
+                + WriteParam("is-sub-domain", IsSubDomain, !IsSubDomain) //"is-sub-domain" is a required field by documentation
                 + WriteListParam("tags", Tags, true);
         }
 
@@ -303,7 +303,7 @@ public class CheckPoint_NetworkGroup : CheckPointObject
         public bool IsPanoramaDeviceGroup = false;
 
         /// <summary>
-        /// This property is used to overcome the problematic order of objects creation for 
+        /// This property is used to overcome the problematic order of objects creation for
         /// GroupWithExclusion and NetworkGroup types cross-referencing each other.
         /// </summary>
         public bool CreateAfterGroupsWithExclusion { get; set; }
@@ -491,7 +491,7 @@ public class CheckPoint_OtherService : CheckPointObject
         public string IpProtocol { get; set; }
 
         public CheckPoint_OtherService() : base() { }
-        public CheckPoint_OtherService (string name, string ipprotocol, string comments, List<string> tags) : base()
+        public CheckPoint_OtherService(string name, string ipprotocol, string comments, List<string> tags) : base()
         {
             Name = name;
             IpProtocol = ipprotocol;
@@ -517,7 +517,7 @@ public class CheckPoint_ServiceGroup : CheckPointObject
     {
         public List<string> Members = new List<string>();
         public int MembersPublishIndex { get; set; }
-        public int MembersMaxPublishSize { get; set; } 
+        public int MembersMaxPublishSize { get; set; }
 
         public CheckPoint_ServiceGroup() : base()
         {
@@ -538,7 +538,7 @@ public override string ToCLIScriptInstruction()
             int index = ((MembersPublishIndex + MembersMaxPublishSize) > Members.Count) ? Members.Count : MembersPublishIndex + MembersMaxPublishSize;
             return (MembersPublishIndex == 0 ? "create " : "update ") + "service group [" + Name + "]: " + index + "/" + Members.Count + " members";
         }
-        
+
     }
 
     public class CheckPoint_ApplicationGroup : CheckPointObject
@@ -866,7 +866,7 @@ public bool IsCleanupRule()
             {
                 return true;   // sub-policy's automatic cleanup rule
             }
-            return checkRuleType(ActionType.Drop);// user defined cleanup rule           
+            return checkRuleType(ActionType.Drop);// user defined cleanup rule
         }
 
         /// <summary>
@@ -1106,4 +1106,3 @@ public int TotalRules()
         }
     }
 }
-

CheckPointObjects/CheckPointObjects.csproj

@@ -73,11 +73,11 @@
     </None>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
        Other similar extension points exist, see Microsoft.Common.targets.
   <Target Name="BeforeBuild">
   </Target>
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
+</Project>

CheckPointObjects/CheckPointObjectsRepository.cs

@@ -22,7 +22,7 @@
 namespace CheckPointObjects
 {
     /// <summary>
-    /// Repository for Check Point objects created during the convertion from 3rd party configuration and 
+    /// Repository for Check Point objects created during the convertion from 3rd party configuration and
     /// predefined Check Point objects.
     /// Objects are identified by their names.
     /// </summary>
@@ -32,8 +32,8 @@ public class CheckPointObjectsRepository
 
         private class ObjectInfo
         {
-            public CheckPointObject Object  { get; private set; }
-            public bool IsPredefined  { get; private set; }
+            public CheckPointObject Object { get; private set; }
+            public bool IsPredefined { get; private set; }
 
             public ObjectInfo(CheckPointObject cpObject, bool isPredefined)
             {
@@ -157,7 +157,8 @@ public bool HasObject(string objectName)
             return (!string.IsNullOrEmpty(objectName) && _repository.ContainsKey(objectName));
         }
 
-        public bool IsPredefinedOrKnownService(string name) {
+        public bool IsPredefinedOrKnownService(string name)
+        {
             return HasObject(name) || IsKnownService(name);
         }
 

CheckPointObjects/Properties/AssemblyInfo.cs

@@ -2,7 +2,7 @@
 using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
 
-// General Information about an assembly is controlled through the following 
+// General Information about an assembly is controlled through the following
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("CheckPointObjects")]
@@ -14,8 +14,8 @@
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
-// Setting ComVisible to false makes the types in this assembly not visible 
-// to COM components.  If you need to access a type in this assembly from 
+// Setting ComVisible to false makes the types in this assembly not visible
+// to COM components.  If you need to access a type in this assembly from
 // COM, set the ComVisible attribute to true on that type.
 [assembly: ComVisible(false)]
 
@@ -25,11 +25,11 @@
 // Version information for an assembly consists of the following four values:
 //
 //      Major Version
-//      Minor Version 
+//      Minor Version
 //      Build Number
 //      Revision
 //
-// You can specify all the values or you can default the Build and Revision Numbers 
+// You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]

CheckPointObjects/RuleBaseOptimizer.cs

@@ -30,7 +30,7 @@ namespace CheckPointObjects
     ///    1. both rules have the same action, and
     ///    2. both rules are enabled or disabled, and
     ///    3. both rules have source and destination columns negated or not, and
-    ///    4. both rules have the same time objects, and 
+    ///    4. both rules have the same time objects, and
     ///    5. either one of the following is true:
     ///       5.1. both the source and destination columns match
     ///       5.2. both the source and service columns match
@@ -207,7 +207,7 @@ private static bool IsRuleSimilarToRule(CheckPoint_Rule rule1, CheckPoint_Rule r
                 return false;
             }
 
-            if ((rule1.Time.Count != rule2.Time.Count) || 
+            if ((rule1.Time.Count != rule2.Time.Count) ||
                 (rule1.Time.Count > 0 && rule2.Time.Count > 0 && rule1.Time[0].Name != rule2.Time[0].Name))
             {
                 return false;
@@ -249,8 +249,9 @@ private static string OptimizeConverstionComments(string commentToProcess)
             //if there is nothing to merge return empty comment
             if (comments_parts.Count == 0)
                 return "";
-
-            if (comments_parts.Count > 0) { 
+
+            if (comments_parts.Count > 0)
+            {
 
                 if (regex.IsMatch(comments_parts[0]))
                     foreach (string part in comments_parts)
@@ -286,9 +287,11 @@ private static string OptimizeConverstionComments(string commentToProcess)
                             commentBuilder += ", " + comments_parts[i];
                     }
 
+
             }
             else 
                 return commentToProcess.Trim();
+
             }
 
             return commentBuilder == "Matched rule(s)" ? "" : commentBuilder;

CiscoMigration/CiscoAnalizStatistic.cs

@@ -48,7 +48,7 @@ class CiscoAnalizStatistic : VendorAnalizStatistic
                 }
                 foreach (var item in _cpHosts)
                 {
-                    if (_cpHosts.Where(nt => nt.IpAddress == item.IpAddress ).Count() > 1) { _duplicateServicesObjectsCount++; }
+                    if (_cpHosts.Where(nt => nt.IpAddress == item.IpAddress).Count() > 1) { _duplicateServicesObjectsCount++; }
                 }
                 foreach (var item in _cpRanges)
                 {
@@ -188,4 +188,4 @@ class CiscoAnalizStatistic : VendorAnalizStatistic
         }
     }
 
-}
+}

CiscoMigration/CiscoCommands.cs

@@ -498,7 +498,7 @@ private void ParseServices()
                             break;
 
                         default:
-                            // No need to check also for CiscoKnownServices.IsKnownServiceNumber here, 
+                            // No need to check also for CiscoKnownServices.IsKnownServiceNumber here,
                             // because it is already done in Cisco_Service class!!!
                             if (CiscoKnownServices.IsKnownService(ServiceProtocol))
                             {
@@ -1617,11 +1617,11 @@ public override void Parse(CiscoCommand command, CiscoCommand prevCommand, Dicti
              *
              * Each of these two types may be Static or Dynamic.
              * Static NAT allows bidirectional traffic (mirrored rules).
-             * 
+             *
              * Each NAT command is started as follows:
              * ---------------------------------------
              * nat [(real_interface, mapped_interface)] ...
-             * 
+             *
             **************************************************************************************/
 
             base.Parse(command, prevCommand, ciscoIds, aliases);
@@ -1680,9 +1680,9 @@ private void ParseObjectNatCommand(CiscoCommand command, CiscoCommand prevComman
              * Parsing options for Object NAT:
              * -------------------------------
              * ... static {mapped_host_ip_address | mapped_object_name | interface} [service {tcp | udp} real_port mapped_port]
-             * 
+             *
              * ... dynamic {mapped_host_ip_address | mapped_object_name | interface}
-             * 
+             *
              * + mapped_object may be a host or network or range
             */
 
@@ -1747,9 +1747,9 @@ private void ParseRegularNatCommand(CiscoCommand command, CiscoCommand prevComma
              * Parsing options for regular (manual or twice) NAT:
              * --------------------------------------------------
              * ... [after-object] source static real_object_name [mapped_object_name | interface] [destination static mapped_object_name real_object_name] [service real_service_name mapped_service_name]
-             * 
+             *
              * ... [after-auto] source dynamic {real_object_name | any} {mapped_object_name | interface} [destination static mapped_object_name real_object_name] [service mapped_service_name real_service_name]
-             * 
+             *
              * + real_object/mapped_object may be a host or network
             */
 
@@ -2134,47 +2134,47 @@ public override void Parse(CiscoCommand command, CiscoCommand prevCommand, Dicti
         {
             /*
              * OPTION I - REMARK format - the easiest option:
-             * 
+             *
             access-list access_list_name remark text
             Example:
-            hostname(config)# access-list ACL_OUT remark - this is the inside admin address 
-             * 
+            hostname(config)# access-list ACL_OUT remark - this is the inside admin address
+             *
              * OPTION II - STANDARD format - used for a limited number of features, such as route maps or VPN filters.
              *                               uses IPv4 addresses only, and defines destination addresses only.
-             * 
+             *
             access-list access_list_name standard {deny | permit} {any/any4 | host ip_address | ip_address ip_mask}
             Example:
             hostname(config)# access-list OSPF standard permit 192.168.1.0 255.255.255.0
-             * 
+             *
              * OPTION III.I - EXTENDED format - for ICMP based traffic matching
-             * 
+             *
             access-list access_list_name extended {deny | permit} icmp source_address_argument dest_address_argument [icmp_argument] [time-range time_range_name] [inactive]
             Example:
             hostname(config)# access-list ACL_IN extended permit icmp any any echo
-             * 
+             *
              * OPTION III.II - EXTENDED format - for TCP and UDP based traffic matching, with ports
-             * 
+             *
             access-list access_list_name extended {deny | permit} {tcp | udp} source_address_argument [port_argument] dest_address_argument [port_argument] [time-range time_range_name] [inactive]
             Example:
             hostname(config)# access-list ACL_IN extended deny tcp any host 209.165.201.29 eq www
             hostname(config)# access-list ACL_IN extended deny tcp 192.168.1.0 255.255.255.0 209.165.201.0 255.255.255.224
-             * 
+             *
              * OPTION III.III - EXTENDED format - for general IP address and FQDN based matching
-             * 
+             *
             access-list access_list_name extended {deny | permit} protocol_argument source_address_argument dest_address_argument [time-range time_range_name] [inactive]
             Example:
             hostname(config)# access-list ACL_IN extended permit ip any any
-             * 
+             *
              * **********************
              * ACL COMMAND ARGUMENTS:
-             * 
+             *
              * protocol_argument specification: one of the following options:
              * --------------------------------------------------------------
              * protocol_name/protocol_number
              * object service_object_id --> may be also a icmp service object
              * object-group service_group_id
              * object-group protocol_group_id
-             * 
+             *
              * source_address_argument/dest_address_argument specification: one of the following options:
              * ------------------------------------------------------------------------------------------
              * any/any4/any6
@@ -2183,17 +2183,17 @@ public override void Parse(CiscoCommand command, CiscoCommand prevCommand, Dicti
              * object network_object_id
              * object-group network_group_id
              * ip_address ip_mask
-             * 
+             *
              * icmp_argument specification: one of the following options:
              * ----------------------------------------------------------
              * icmp_type
              * object-group icmp_group_id --> object-group icmp-type command
-             * 
+             *
              * port_argument specification: one of the following options:
              * ----------------------------------------------------------
              * operator port --> where operator can be one of: lt, gt, eq, neq, range; port can be number or name of a TCP or UDP port
              * object-group service_group_id
-             * 
+             *
             */
 
             base.Parse(command, prevCommand, ciscoIds, aliases);