Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ciscoconfparse_patch.py errors #18

Open
anstelios opened this issue May 27, 2017 · 3 comments
Open

ciscoconfparse_patch.py errors #18

anstelios opened this issue May 27, 2017 · 3 comments

Comments

@anstelios
Copy link

Hello guys,
Great work !!

I am trying to use the tool but i get the below error

$ python c2c.py --export \

--ciscoFile 'showrun.txt' \
--syntax asa \
--policy My_Policy \
--installOn My_Firewall \
--output 'network_script.txt'

Traceback (most recent call last):
File "c2c.py", line 34, in
from cisco2checkpoint import Cisco2Checkpoint,Cisco2CheckpointManager
File "lib\cisco2checkpoint.py", line 26, in
from ciscoconfparse_patch import CiscoConfParse
File "lib\ciscoconfparse_patch.py", line 29, in
from ciscoconfparse import models_cisco
ImportError: No module named ciscoconfparse

Used "git clone --recursive https://github.com/gosecure/cisco2checkpoint c2c" to install the tool
I have installed python 2.7.0
I have my ASA exported config (showrun.txt) in c2c folder

Am i missing something ??
@anstelios
Copy link
Author

missing modules solved.

But i get a lot some errors when trying to convert my policy:

$ python c2c.py --verify --format text --ciscoFile 'showrun2.txt' --syntax asa --policy My_Policy --installOn My_Firewall --output 'network_script_verify.txt'
#[+] Importing all objects except groups.
#[+] Importing Checkpoint network objects
#[+] Importing all names.
#[+] Importing all hosts.
#[+] Object "CiscoHost(name=meraki7,ipAddr=2.16.178.8,desc=,alias=)" was not imported as it already exist.
#[+] Object "CiscoHost(name=viber5,ipAddr=2.18.83.13,desc=,alias=)" was not imported as it already exist.
#[+] Object "CiscoHost(name=viber6,ipAddr=52.1.175.227,desc=,alias=)" was not imported as it already exist.
#[+] Importing all networks.
#[+] Object "CiscoNet(name=Users_Nat,ipAddr=192.168.10.0/255.255.255.0,desc= description IronPORT IS DOWN,alias=)" was not imported as it already exist.
#[+] Object "CiscoNet(name=WIFI_INTERNAL,ipAddr=192.168.35.0/255.255.255.0,desc=,alias=)" was not imported as it already exist.
#[+] Importing all ranges.
#[+] Fixing duplicate names
#[+] Fixing duplicate IP addresses
#[+] Fixing duplicate subnets
#[+] Fixing duplicate ranges
#[+] Importing Checkpoint ports objects
#[+] Adding ICMP Aliases
#[+] Importing all single ports objects.
#[+] Importing all port ranges objects.
#[+] Importing all net/host/range groups.
Traceback (most recent call last):
File "c2c.py", line 171, in
c2c.importConfig(args.cpPortsFile,args.cpNetObjFile,args.ciscoFile)
File "lib\cisco2checkpoint.py", line 1757, in importConfig
self._importNetGroups(self.parser.getNetGroups())
File "lib\cisco2checkpoint.py", line 1834, in _importNetGroups
self.addObj(CiscoNetGroup(self, newGrp, color=self.color))
File "lib\cisco2checkpoint.py", line 958, in init
for mm_r in parsedObj.result_dict:
File "lib\ciscoconfparse_patch.py", line 609, in result_dict
.format(net_obj['object_name']))
KeyError: 'object_name'

$ python c2c.py --verify --format text --ciscoFile 'showrun2.txt' --syntax asa --policy My_Policy --installOn My_Firewall --output 'network_script_verify.txt'
#[+] Importing all objects except groups.
#[+] Importing Checkpoint network objects
#[+] Importing all names.
#[+] Importing all hosts.
#[+] Importing all networks.
#[+] Importing all ranges.
#[+] Fixing duplicate names
#[+] Fixing duplicate IP addresses
#[+] Fixing duplicate subnets
#[+] Fixing duplicate ranges
#[+] Importing Checkpoint ports objects
#[+] Adding ICMP Aliases
#[+] Importing all single ports objects.
#[+] Importing all port ranges objects.
#[+] Importing all net/host/range groups.
Traceback (most recent call last):
File "c2c.py", line 171, in
c2c.importConfig(args.cpPortsFile,args.cpNetObjFile,args.ciscoFile)
File "lib\cisco2checkpoint.py", line 1757, in importConfig
self._importNetGroups(self.parser.getNetGroups())
File "lib\cisco2checkpoint.py", line 1834, in _importNetGroups
self.addObj(CiscoNetGroup(self, newGrp, color=self.color))
File "lib\cisco2checkpoint.py", line 958, in init
for mm_r in parsedObj.result_dict:
File "lib\ciscoconfparse_patch.py", line 632, in result_dict
.format(name))
NameError: global name 'name' is not defined

@anstelios anstelios changed the title ImportError: No module named ciscoconfparse ciscoconfparse_patch.py errors May 27, 2017
@anstelios
Copy link
Author

Ok it seems some specific parts of the ASA config was incompatible with migration scripts.
I 've managed to narrow it down so all good!
Also the final script had some issues with rules creation and some lines had to be removed for each rule and for some service port ranges.

Thank you very much for this great tool which made such a difficult migration much easier!!

@martindube
Copy link
Contributor

Hi anstelios,

I'm glad to see that you found a way to make it work !

I will dig into this when I have more time. Do you remember what was removed to make it work? That would help me a lot.

Thanks,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@martindube @anstelios