The policyname_Obj.log file lists objects found in your FireWall-1 security policy that were not directly supported in SunScreen 3.2. The following table lists the FireWall-1 objects and shows whether they were converted to SunScreen 3.2.
Table 8-3 How Conversion to SunScreen 3.2 Affects FireWall-1 Objects
FireWall-1 Object |
SunScreen Equivalent |
Conversion Status |
---|---|---|
Host |
Host |
Yes. |
Network |
Range |
Yes. |
Router |
None |
No. See the policyname_Obj.log file for details. |
Switch |
None |
No. See the policyname_Obj log file for details. |
Domain |
None |
No. See the policyname_Obj log file for details. |
Group |
Group |
Yes. |
Gateways |
None |
No. However, they are logged in the policyname_OBJ.log file. Gateways require more configuration within SunScreen to assure that the IP addresses of the gateway are correct. See the SunScreen 3.2 Administration Guide for more information. |
The following figure shows a sample policyname_Obj.log file, similar to the file that you can generate from your FireWall-1 policy.
/***** SunScreen: Firewall-1 conversion log *****/ /***** @(#)ObjStore.java 3.7 99/11/09 Sun Microsystems, Inc. *****/ Objects of type: gateway, need some user decisions You had a gateway with name "skil" ipaddr 205.167.60.13 If this is the gateway on which SunScreen is being installed please refer to the 'ssadm edit' command to enable the interfaces |