2011-04-01, 00:42
Dear All,
I have a requirement of identifiying a timebased rules in my policy packages, and it's huge in my network. So i decided it to export it to excel and to proceed.
Please suggest me to perfomr this.
Thanks in advance


2011-04-01, 03:17
You cannot do this. All you can is to print rulebase into PDF file, but it will be basically a picture.

2011-04-01, 09:15

I use fw1rule (WYAE - Retired Firewall Tools (http://www.wyae.de/software/fw1rules/)) to convert the checkpoint file in html (or txt or csv)

You should try it.


2011-04-01, 10:21
I have to make a correction to my previous statement.

Although it is impossible to print out rulebase to Excel, there is a standard visualization tool: Web visualization tool, sk30765, that allows you to print out your rulebase, objects and users to HTML file.

As far as I am concerned, the latest version is R70. I have tried it on R75, and it works like a charm.

Just go to sk30765 and download it.


2011-04-03, 09:16
Confwiz (sk41719) will export your rulebase (and objects) to XML which can then be read by Excel. See sk42302 for the Excel template.

2011-04-04, 09:21
did you ever succeed in doing it? i am asking about policy visualization the way you describe. Cause it never worked fro me, ever. not for the policy...

2011-04-04, 19:16
Yes I've done it before, but haven't tried it in a while.
You do need to have the template and Excel Pro for it to work.

2011-04-05, 02:54
never worked for me. any howto?

2011-04-07, 01:00
Dear All,
I used Checkpoint Web visualization tool for this task, It works perfectly. But you cannot directly convert it to csv, or doc or .pdf. HTML file will be created and entore rule base snapshot will be displayed from there you can simply copy and paste it to excel sheet.
Also i would liek to share the commands and procedure how to perform this.
1) Download R70 version of WVT and save it in any drive
2) In my case i used d:/ and extract it there only, there is no need of save it in c:/program file/checkpoint/smartcon/ directory
3) Open command prompt and issue the following command.
4)before executing this create a output directory in d: / in my case it's output
#d:/cpdb2html d:/WEBVISTOOL(WVT installation dir ) d:/output(output dir) of SMS) admin(username) password(password) -o output.html (output file)

The output.html file will be generated in few min after you run this command.. from there yo can do what ever you want.
This command is passive and it will nopt degrade the performance of firewall. :)


Tan Da Boss
2011-04-07, 09:52
Confwiz is nice for hosts and services but for groups or rulebases it is just useless. It is unreadable. You can surely write a script or a macro to fix it but well it is faster to use webvisualization tool.