Firewall Rule Analysis including Source IPs

[PeterSmith78]

I am running R80.20 on my management server. I have been asked to produce a report showing all the firewall rules allowing access to a specific host. This is easy enough but I have also been asked to include the IP addresses of the source hosts / source networks. Does anyone know how I could do this without a lot of time consuming manual work? I know I can export the rule base in csv format but this doesn’t show me the IP addresses of the hosts, only their names. Likewise their is a built in tool which will give me a web page showing the rules, however you can’t see the IP addresses of the hosts without clicking on each one, also their is no way of editing a web page to show only a subset of rules. I could try a product like Algosec but I don’t think even this would produce a report which included the IP addresses of each hosts / network. Does anyone have any ideas? Thanks

[Bob_Zimmerman]

You should be able to use the API to do this. Use the API to dump the rules, use client-side scripting to filter down to just the rules you care about, use the rules to build a list of the objects involved, then use the API to dump the details of those objects.