private void ShowResults(VendorConverter vendorConverter, int convertedLinesCount)
{
ConversionIssuesPanel.Visibility = (vendorConverter.ConversionIncidentCategoriesCount > 0) ? Visibility.Visible : Visibility.Collapsed;
ConvertedNatPolicyPanel.Visibility = ConvertNATConfiguration ? Visibility.Visible : Visibility.Collapsed;
ConfigurationFileLinesCount = string.Format(" ({0} lines)", convertedLinesCount);
ConvertedPolicyRulesCount = string.Format(" ({0} rules)", vendorConverter.RulesInConvertedPackage());
ConvertedOptimizedPolicyRulesCount = string.Format(" ({0} rules)", vendorConverter.RulesInConvertedOptimizedPackage());
ConvertedNATPolicyRulesCount = string.Format(" ({0} rules)", vendorConverter.RulesInNatLayer());
ConversionIssuesCount = string.Format("Found {0} conversion issues in {1} configuration lines", vendorConverter.ConversionIncidentCategoriesCount, vendorConverter.ConversionIncidentsCommandsCount);
ConvertingWarningsCount = "";
ConvertingErrorsCount = "";
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
CoversionIssuesPreviewPanel.Visibility = Visibility.Collapsed;
ConvertedOptimizedPolicyPanel.Visibility = Visibility.Visible;
RulebaseOptimizedScriptLink.Visibility = Visibility.Visible;
break;
case Vendor.FortiGate:
CoversionIssuesPreviewPanel.Visibility = Visibility.Visible;
ConvertedOptimizedPolicyPanel.Visibility = Visibility.Collapsed;
RulebaseOptimizedScriptLink.Visibility = Visibility.Collapsed;
FortiGateConverter fgConverter = (FortiGateConverter)vendorConverter;
ConvertedPolicyRulesCount = (fgConverter.RulesInConvertedPackage() != -1) ? string.Format(" ({0} rules)", fgConverter.RulesInConvertedPackage()) : " Check report.";
ConvertedNATPolicyRulesCount = (fgConverter.RulesInNatLayer() != -1) ? string.Format(" ({0} rules)", fgConverter.RulesInNatLayer()) : " Check report.";
ConvertingWarningsCount = (fgConverter.WarningsInConvertedPackage() != -1) ? string.Format(" ({0} warnings)", fgConverter.WarningsInConvertedPackage()) : " Check report.";
ConvertingErrorsCount = (fgConverter.ErrorsInConvertedPackage() != -1) ? string.Format(" ({0} errors)", fgConverter.ErrorsInConvertedPackage()) : " Check report.";
break;
case Vendor.PaloAlto:
CoversionIssuesPreviewPanel.Visibility = Visibility.Visible;
ConvertedOptimizedPolicyPanel.Visibility = Visibility.Collapsed;
RulebaseOptimizedScriptLink.Visibility = Visibility.Collapsed;
PaloAltoConverter paConverter = (PaloAltoConverter)vendorConverter;
ConvertedPolicyRulesCount = (paConverter.RulesInConvertedPackage() != -1) ? string.Format(" ({0} rules)", paConverter.RulesInConvertedPackage()) : " Check report.";
ConvertedNATPolicyRulesCount = (paConverter.RulesInNatLayer() != -1) ? string.Format(" ({0} rules)", paConverter.RulesInNatLayer()) : " Check report.";
ConvertingWarningsCount = (paConverter.WarningsInConvertedPackage() != -1) ? string.Format(" ({0} warnings)", paConverter.WarningsInConvertedPackage()) : " Check report.";
ConvertingErrorsCount = (paConverter.ErrorsInConvertedPackage() != -1) ? string.Format(" ({0} errors)", paConverter.ErrorsInConvertedPackage()) : " Check report.";
break;
default:
CoversionIssuesPreviewPanel.Visibility = Visibility.Collapsed;
ConvertedOptimizedPolicyPanel.Visibility = Visibility.Collapsed;
RulebaseOptimizedScriptLink.Visibility = Visibility.Collapsed;
break;
}
OriginalFileLink.Tag = vendorConverter.VendorHtmlFile;
ConvertingWarningsLink.Tag = vendorConverter.WarningsHtmlFile;
ConvertingErrorsLink.Tag = vendorConverter.ErrorsHtmlFile;
ConvertedPolicyLink.Tag = vendorConverter.PolicyHtmlFile;
ConvertedOptimizedPolicyLink.Tag = vendorConverter.PolicyOptimizedHtmlFile;
ConvertedNatPolicyLink.Tag = vendorConverter.NatHtmlFile;
ObjectsScriptLink.Tag = vendorConverter.ObjectsScriptFile;
RulebaseScriptLink.Tag = vendorConverter.PolicyScriptFile;
RulebaseOptimizedScriptLink.Tag = vendorConverter.PolicyOptimizedScriptFile;
}
private async void Go_OnClick(object sender, RoutedEventArgs e)
{
string fileName = Path.GetFileNameWithoutExtension(ConfigFilePath.Text);
if (string.IsNullOrEmpty(ConfigFilePath.Text) || string.IsNullOrEmpty(fileName))
{
ShowMessage("Configuration file is not selected.", MessageTypes.Error);
return;
}
if (!File.Exists(ConfigFilePath.Text))
{
ShowMessage("Cannot find configuration file.", MessageTypes.Error);
return;
}
if (fileName.Length > 20)
{
ShowMessage("Configuration file name is restricted to 20 characters at most.", MessageTypes.Error);
return;
}
if (!Directory.Exists(TargetFolderPath.Text))
{
ShowMessage("Cannot find target folder for conversion output.", MessageTypes.Error);
return;
}
if (ConvertUserConfiguration)
{
if (LDAPAccountUnit.Text.Trim().Equals("") || LDAPAccountUnit.Text.Trim().Contains(" "))
{
ShowMessage("LDAP Account Unit field cannot be empty or containt space(s).", MessageTypes.Error);
return;
}
}
Mouse.OverrideCursor = System.Windows.Input.Cursors.Wait;
EnableDisableControls(false);
ProgressPanel.Visibility = Visibility.Visible;
ResultsPanel.Visibility = Visibility.Collapsed;
OutputPanel.Visibility = Visibility.Visible;
UpdateProgress(10, "Parsing configuration file ...");
VendorParser vendorParser;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
vendorParser = new CiscoParser();
break;
case Vendor.JuniperJunosOS:
vendorParser = new JuniperParser();
break;
case Vendor.JuniperScreenOS:
vendorParser = new ScreenOSParser();
break;
case Vendor.FortiGate:
vendorParser = new FortiGateParser();
break;
case Vendor.PaloAlto:
vendorParser = new PaloAltoParser();
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
try
{
string ciscoFile = ConfigFilePath.Text;
await Task.Run(() => vendorParser.Parse(ciscoFile));
}
catch (Exception ex)
{
Mouse.OverrideCursor = null;
EnableDisableControls(true);
OutputPanel.Visibility = Visibility.Collapsed;
ShowMessage(string.Format("Could not parse configuration file.\n\nMessage: {0}\nModule:\t{1}\nClass:\t{2}\nMethod:\t{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
return;
}
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified ASA version.\nCannot find ASA version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 8 || (vendorParser.MajorVersion == 8 && vendorParser.MinorVersion < 3))
{
ShowMessage("Unsupported ASA version (" + vendorParser.Version + ").\nThis tool supports ASA 8.3 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.JuniperJunosOS:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified SRX version.\nCannot find SRX version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 12 || (vendorParser.MajorVersion == 12 && vendorParser.MinorVersion < 1))
{
ShowMessage("Unsupported SRX version (" + vendorParser.Version + ").\nThis tool supports SRX 12.1 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.JuniperScreenOS:
break;
case Vendor.FortiGate:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified FortiGate version.\nCannot find FortiGate version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 5)
{
ShowMessage("Unsupported FortiGate version (" + vendorParser.Version + ").\nThis tool supports FortiGate 5.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.PaloAlto:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified PaloAlto version.\nCannot find PaloAlto PAN-OS version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 7)
{
ShowMessage("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto PAN-OS 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
}
string vendorFileName = Path.GetFileNameWithoutExtension(ConfigFilePath.Text);
string toolVersion = Assembly.GetExecutingAssembly().GetName().Version.ToString();
string targetFolder = TargetFolderPath.Text + "\\";
bool convertNat = ConvertNATConfiguration;
string ldapAccountUnit = LDAPAccountUnit.Text.Trim();
vendorParser.Export(targetFolder + vendorFileName + ".json");
VendorConverter vendorConverter;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
vendorConverter = new CiscoConverter();
break;
case Vendor.JuniperJunosOS:
vendorConverter = new JuniperConverter();
break;
case Vendor.JuniperScreenOS:
vendorConverter = new ScreenOSConverter();
break;
case Vendor.FortiGate:
FortiGateConverter fgConverter = new FortiGateConverter();
fgConverter.OptimizeConf = SkipUnusedObjectsConversion;
fgConverter.ConvertUserConf = ConvertUserConfiguration;
fgConverter.LDAPAccoutUnit = ldapAccountUnit.Trim();
vendorConverter = fgConverter;
break;
case Vendor.PaloAlto:
PaloAltoConverter paConverter = new PaloAltoConverter();
paConverter.OptimizeConf = SkipUnusedObjectsConversion;
paConverter.ConvertUserConf = ConvertUserConfiguration;
paConverter.LDAPAccoutUnit = ldapAccountUnit.Trim();
vendorConverter = paConverter;
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
vendorConverter.Initialize(vendorParser, ConfigFilePath.Text, toolVersion, targetFolder, DomainName.Text);
vendorConverter.ConversionProgress += OnConversionProgress;
try
{
await Task.Run(() => vendorConverter.Convert(convertNat));
}
catch (Exception ex)
{
Mouse.OverrideCursor = null;
EnableDisableControls(true);
OutputPanel.Visibility = Visibility.Collapsed;
ShowMessage(string.Format("Could not convert configuration file.\n\nMessage: {0}\nModule:\t{1}\nClass:\t{2}\nMethod:\t{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
return;
}
UpdateProgress(90, "Exporting Check Point configuration ...");
vendorConverter.ExportConfigurationAsHtml();
vendorConverter.ExportPolicyPackagesAsHtml();
if (ConvertNATConfiguration)
{
ConvertedNatPolicyLink.MouseUp -= Link_OnClick;
vendorConverter.ExportNatLayerAsHtml();
//check if the user asked for NAT policy and no rules found.
if (vendorConverter.RulesInNatLayer() == 0) // anly if 0 then we do not show NAT report.
{
ConvertedNatPolicyLink.Style = (Style)ConvertedNatPolicyLink.FindResource("NormalTextBloclStyle");
}
else // otherwise it is single NAT report or Catalog for NAT reports (value = -1)
{
ConvertedNatPolicyLink.Style = (Style)ConvertedNatPolicyLink.FindResource("HyperLinkStyle");
ConvertedNatPolicyLink.MouseUp += Link_OnClick;
}
}
UpdateProgress(100, "");
vendorConverter.ConversionProgress -= OnConversionProgress;
Mouse.OverrideCursor = null;
EnableDisableControls(true);
ProgressPanel.Visibility = Visibility.Collapsed;
ResultsPanel.Visibility = Visibility.Visible;
ShowResults(vendorConverter, vendorParser.ParsedLines);
}
/*
* This is the analog to MainWindow.Go_OnClick() function if application is run as WPF.
* It performs the migration.
*/
public void DoMigration(CommandLine commandLine)
{
string fileName = Path.GetFileNameWithoutExtension(commandLine.ConfigFileName);
//Console.WriteLine("File name: " + fileName);
if (string.IsNullOrEmpty(commandLine.ConfigFileName) || string.IsNullOrEmpty(fileName))
{
Console.WriteLine("Configuration file is not selected.", MessageTypes.Error);
return;
}
if (!File.Exists(commandLine.ConfigFileName))
{
Console.WriteLine("Cannot find configuration file.", MessageTypes.Error);
return;
}
if (fileName.Length > 20)
{
Console.WriteLine("Configuration file name is restricted to 20 characters at most.", MessageTypes.Error);
return;
}
if (!Directory.Exists(commandLine.TargetFolder))
{
Console.WriteLine("Cannot find target folder for conversion output.", MessageTypes.Error);
return;
}
VendorParser vendorParser;
switch (commandLine.Vendor)
{
case "CiscoASA":
vendorParser = new CiscoParser();
break;
case "JuniperSRX":
vendorParser = new JuniperParser();
break;
case "JuniperSSG":
vendorParser = new ScreenOSParser();
break;
case "FortiNet":
vendorParser = new FortiGateParser();
break;
case "PaloAlto":
vendorParser = new PaloAltoParser();
break;
case "Panorama":
vendorParser = new PanoramaParser();
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
try
{
string ciscoFile = commandLine.ConfigFileName;
Console.WriteLine("Parsing configuration file...");
if (commandLine.Vendor.Equals("Panorama"))
{
PanoramaParser panParser = (PanoramaParser)vendorParser;
panParser.ParseWithTargetFolder(ciscoFile, TargetFolder);
}
else
{
vendorParser.Parse(ciscoFile);
}
}
catch (Exception ex)
{
Console.WriteLine(string.Format("Could not parse configuration file.\n\nMessage: {0}\nModule:\t{1}\nClass:\t{2}\nMethod:\t{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
return;
}
#region check middleware version
switch (commandLine.Vendor)
{
case "CiscoASA":
if (string.IsNullOrEmpty(vendorParser.Version))
{
Console.WriteLine("Unspecified ASA version.\nCannot find ASA version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
else if (vendorParser.MajorVersion < 8 || (vendorParser.MajorVersion == 8 && vendorParser.MinorVersion < 3))
{
Console.WriteLine("Unsupported ASA version (" + vendorParser.Version + ").\nThis tool supports ASA 8.3 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
break;
case "JuniperSRX":
if (string.IsNullOrEmpty(vendorParser.Version))
{
Console.WriteLine("Unspecified SRX version.\nCannot find SRX version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
else if (vendorParser.MajorVersion < 12 || (vendorParser.MajorVersion == 12 && vendorParser.MinorVersion < 1))
{
Console.WriteLine("Unsupported SRX version (" + vendorParser.Version + ").\nThis tool supports SRX 12.1 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
break;
case "JuniperSSG":
break;
case "FortiNet":
if (string.IsNullOrEmpty(vendorParser.Version))
{
Console.WriteLine("Unspecified FortiGate version.\nCannot find FortiGate version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
else if (vendorParser.MajorVersion < 5)
{
Console.WriteLine("Unsupported FortiGate version (" + vendorParser.Version + ").\nThis tool supports FortiGate 5.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
break;
case "PaloAlto":
if (string.IsNullOrEmpty(vendorParser.Version))
{
Console.WriteLine("Unspecified PaloAlto version.\nCannot find PaloAlto PAN-OS version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
else if (vendorParser.MajorVersion < 7)
{
Console.WriteLine("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto PAN-OS 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
break;
case "Panorama":
if (string.IsNullOrEmpty(vendorParser.Version))
{
Console.WriteLine("Unspecified PaloAlto Panorama version.\nCannot find PaloAlto Panorama version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
else if (vendorParser.MajorVersion < 7)
{
Console.WriteLine("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto Panorama 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
break;
}
#endregion
string vendorFileName = Path.GetFileNameWithoutExtension(commandLine.ConfigFileName);
string toolVersion = Assembly.GetExecutingAssembly().GetName().Version.ToString();
string targetFolder = commandLine.TargetFolder + "\\";
bool convertNat = commandLine.ConvertNat;
string ldapAccountUnit = commandLine.LdapAccountUnit;
vendorParser.Export(targetFolder + vendorFileName + ".json");
VendorConverter vendorConverter;
switch (commandLine.Vendor)
{
case "CiscoASA":
vendorConverter = new CiscoConverter();
break;
case "JuniperSRX":
vendorConverter = new JuniperConverter();
break;
case "JuniperSSG":
vendorConverter = new ScreenOSConverter();
break;
case "FortiNet":
FortiGateConverter fgConverter = new FortiGateConverter();
fgConverter.OptimizeConf = commandLine.DontImportUnusedObjects;
fgConverter.ConvertUserConf = commandLine.ConvertUserConfiguration;
fgConverter.LDAPAccoutUnit = ldapAccountUnit;
vendorConverter = fgConverter;
break;
case "PaloAlto":
PaloAltoConverter paConverter = new PaloAltoConverter();
paConverter.OptimizeConf = commandLine.DontImportUnusedObjects;
paConverter.ConvertUserConf = commandLine.ConvertUserConfiguration;
paConverter.LDAPAccoutUnit = ldapAccountUnit;
vendorConverter = paConverter;
break;
case "Panorama":
PanoramaConverter panoramaConverter = new PanoramaConverter();
panoramaConverter.OptimizeConf = commandLine.DontImportUnusedObjects;
panoramaConverter.ConvertUserConf = commandLine.ConvertUserConfiguration;
panoramaConverter.LDAPAccoutUnit = ldapAccountUnit;
vendorConverter = panoramaConverter;
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
vendorConverter.Initialize(vendorParser, commandLine.ConfigFileName, toolVersion, targetFolder, commandLine.Domain);
try
{
Console.WriteLine("Conversion is in progress...");
vendorConverter.Convert(convertNat);
Console.WriteLine("Conversion is finished.");
}
catch (Exception ex)
{
if (ex is InvalidDataException && ex.Message != null && ex.Message.Contains("Policy exceeds the maximum number"))
{
Console.WriteLine(String.Format("{1}{0}{2}{0}{3}", Environment.NewLine, "SmartMove is unable to convert the provided policy.",
"Reason: Policy exceeds the maximum number of supported policy layers.",
"To assure the smooth conversion of your data, it is recommended to contact Check Point Professional Services by sending an e-mail to [email protected]"));
}
else
{
Console.WriteLine(string.Format("Could not convert configuration file.\n\nMessage: {0}\nModule:\t{1}\nClass:\t{2}\nMethod:\t{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
}
return;
}
vendorConverter.ExportConfigurationAsHtml();
vendorConverter.ExportPolicyPackagesAsHtml();
if (commandLine.ConvertNat)
{
vendorConverter.ExportNatLayerAsHtml();
}
}
private async void Analyze_OnClickAsync(object sender, RoutedEventArgs e)
{
string fileName = Path.GetFileNameWithoutExtension(ConfigFilePath.Text);
if (string.IsNullOrEmpty(ConfigFilePath.Text) || string.IsNullOrEmpty(fileName))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Configuration file is not selected.");
MainWindow.ShowMessage("Configuration file is not selected.", MessageTypes.Error);
return;
}
if (!File.Exists(ConfigFilePath.Text))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Cannot find configuration file.");
MainWindow.ShowMessage("Cannot find configuration file.", MessageTypes.Error);
return;
}
if (fileName.Length > 20)
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Configuration file name is restricted to 20 characters at most.");
MainWindow.ShowMessage("Configuration file name is restricted to 20 characters at most.", MessageTypes.Error);
return;
}
if (!Directory.Exists(TargetFolderPath.Text))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Cannot find target folder for conversion output.");
MainWindow.ShowMessage("Cannot find target folder for conversion output.", MessageTypes.Error);
return;
}
VendorParser vendorParser;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
vendorParser = new CiscoParser();
break;
case Vendor.JuniperJunosOS:
vendorParser = new JuniperParser();
break;
case Vendor.JuniperScreenOS:
vendorParser = new ScreenOSParser();
break;
case Vendor.FortiGate:
vendorParser = new FortiGateParser();
break;
case Vendor.PaloAlto:
vendorParser = new PaloAltoParser();
break;
case Vendor.PaloAltoPanorama:
string compressorsDirPath = Directory.GetCurrentDirectory() + Path.DirectorySeparatorChar + "compressors";
string compressorZip = Path.Combine(compressorsDirPath, "zip.exe");
string compressorGtar = Path.Combine(compressorsDirPath, "gtar.exe");
string compressorGzip = Path.Combine(compressorsDirPath, "gzip.exe");
if (!File.Exists(compressorZip) || !File.Exists(compressorGtar) || !File.Exists(compressorGzip))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "The system cannot find the required files. ");
MainWindow.ShowMessage(null, MessageTypes.Error, "these instructions", "https://github.com/CheckPointSW/SmartMove#smart-connector-and-paloalto-panorama-instructions",
null, null, String.Format("{1}{0}{2}", Environment.NewLine, "The system cannot find the required files. ", "Please follow"));
return;
}
vendorParser = new PanoramaParser();
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
Mouse.OverrideCursor = System.Windows.Input.Cursors.Wait;
EnableDisableControls(false);
ProgressPanel.Visibility = Visibility.Visible;
ResultsPanel.Visibility = Visibility.Collapsed;
OutputPanel.Visibility = Visibility.Visible;
UpdateProgress(10, "Parsing configuration file ...");
string vendorFileName = Path.GetFileNameWithoutExtension(ConfigFilePath.Text);
string toolVersion = Assembly.GetExecutingAssembly().GetName().Version.ToString();
string targetFolder = TargetFolderPath.Text + "\\";
try
{
string ciscoFile = ConfigFilePath.Text;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.PaloAltoPanorama:
PanoramaParser panParser = (PanoramaParser)vendorParser;
await Task.Run(() => panParser.ParseWithTargetFolder(ciscoFile, targetFolder));
break;
default:
await Task.Run(() => vendorParser.Parse(ciscoFile));
break;
}
}
catch (Exception ex)
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", ex.Message + "\n" + ex.StackTrace);
Mouse.OverrideCursor = null;
EnableDisableControls(true);
OutputPanel.Visibility = Visibility.Collapsed;
MainWindow.ShowMessage("Could not parse configuration file.", "Message:\nModule:\nClass:\nMethod:", string.Format("{0}\n{1}\n{2}\n{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
return;
}
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
if (string.IsNullOrEmpty(vendorParser.Version))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unspecified ASA version.\nCannot find ASA version for the selected configuration.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unspecified ASA version.\nCannot find ASA version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
else if (vendorParser.MajorVersion < 8 || (vendorParser.MajorVersion == 8 && vendorParser.MinorVersion < 3))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unsupported ASA version (" + vendorParser.Version + ").\nThis tool supports ASA 8.3 and above configuration files.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unsupported ASA version (" + vendorParser.Version + ").\nThis tool supports ASA 8.3 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
break;
case Vendor.JuniperJunosOS:
if (string.IsNullOrEmpty(vendorParser.Version))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unspecified SRX version.\nCannot find SRX version for the selected configuration.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unspecified SRX version.\nCannot find SRX version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
else if (vendorParser.MajorVersion < 12 || (vendorParser.MajorVersion == 12 && vendorParser.MinorVersion < 1))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unsupported SRX version (" + vendorParser.Version + ").\nThis tool supports SRX 12.1 and above configuration files.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unsupported SRX version (" + vendorParser.Version + ").\nThis tool supports SRX 12.1 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
break;
case Vendor.JuniperScreenOS:
break;
case Vendor.FortiGate:
if (string.IsNullOrEmpty(vendorParser.Version))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unspecified FortiGate version.\nCannot find FortiGate version for the selected configuration.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unspecified FortiGate version.\nCannot find FortiGate version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
else if (vendorParser.MajorVersion < 5)
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unsupported FortiGate version (" + vendorParser.Version + ").\nThis tool supports FortiGate 5.x and above configuration files.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unsupported FortiGate version (" + vendorParser.Version + ").\nThis tool supports FortiGate 5.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
break;
case Vendor.PaloAlto:
if (string.IsNullOrEmpty(vendorParser.Version))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unspecified PaloAlto version.\nCannot find PaloAlto PAN-OS version for the selected configuration.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unspecified PaloAlto version.\nCannot find PaloAlto PAN-OS version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
else if (vendorParser.MajorVersion < 7)
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto PAN-OS 7.x and above configuration files.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto PAN-OS 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
break;
case Vendor.PaloAltoPanorama:
if (string.IsNullOrEmpty(vendorParser.Version))
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unspecified PaloAlto version.\nCannot find PaloAlto Panorama version for the selected configuration.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unspecified PaloAlto version.\nCannot find PaloAlto Panorama version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
else if (vendorParser.MajorVersion < 7)
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", "Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto Panorama 7.x and above configuration files.\nThe configuration may not parse correctly.");
MainWindow.ShowMessage("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto Panorama 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Error);
return;
}
break;
}
vendorParser.Export(targetFolder + vendorFileName + ".json");
VendorConverter vendorConverter;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
vendorConverter = new CiscoConverter();
break;
case Vendor.JuniperJunosOS:
vendorConverter = new JuniperConverter();
break;
case Vendor.JuniperScreenOS:
vendorConverter = new ScreenOSConverter();
break;
case Vendor.FortiGate:
vendorConverter = new FortiGateConverter();
break;
case Vendor.PaloAlto:
vendorConverter = new PaloAltoConverter();
break;
case Vendor.PaloAltoPanorama:
vendorConverter = new PanoramaConverter();
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
//here outputformat was set to 'json' by default manually because there is no an option for it on GUI
vendorConverter.Initialize(vendorParser, ConfigFilePath.Text, toolVersion, targetFolder, "", "json");
vendorConverter.ConversionProgress += OnConversionProgress;
try
{
await Task.Run(() => vendorConverter.Analyze());
}
catch (Exception ex)
{
SMDebugger.PrintToDebug(TargetFolderPath.Text + "\\", ex.Message + "\n" + ex.StackTrace);
Mouse.OverrideCursor = null;
EnableDisableControls(true);
OutputPanel.Visibility = Visibility.Collapsed;
if (ex is InvalidDataException && ex.Message != null && ex.Message.Contains("Policy exceeds the maximum number"))
{
MainWindow.ShowMessage(null, MessageTypes.Error, "*****@*****.**", "mailto:[email protected]", null, null,
String.Format("{1}{0}{2}{0}{3}", Environment.NewLine, "SmartAnalyze is unable to analyze the provided policy.",
"Reason: Policy exceeds the maximum number of supported policy layers.",
"To assure the smooth conversion of your data, it is recommended to contact Check Point Professional Services by sending an e-mail to"));
}
else
{
MainWindow.ShowMessage("Could not analyze process file.", "Message:\nModule:\nClass:\nMethod:", string.Format("{0}\n{1}\n{2}\n{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
}
return;
}
UpdateProgress(90, "Exporting Check Point report ...");
//if ((typeof(PanoramaConverter) != vendorConverter.GetType() && typeof(FortiGateConverter) != vendorConverter.GetType()))
//{
// vendorConverter.ExportManagmentReport();
//}
UpdateProgress(100, "");
vendorConverter.ConversionProgress -= OnConversionProgress;
Mouse.OverrideCursor = null;
EnableDisableControls(true);
ProgressPanel.Visibility = Visibility.Collapsed;
ResultsPanel.Visibility = Visibility.Visible;
ShowResults(vendorConverter);
}
private async void Go_OnClick(object sender, RoutedEventArgs e)
{
string fileName = Path.GetFileNameWithoutExtension(ConfigFilePath.Text);
if (string.IsNullOrEmpty(ConfigFilePath.Text) || string.IsNullOrEmpty(fileName))
{
ShowMessage("Configuration file is not selected.", MessageTypes.Error);
return;
}
if (!File.Exists(ConfigFilePath.Text))
{
ShowMessage("Cannot find configuration file.", MessageTypes.Error);
return;
}
if (fileName.Length > 20)
{
ShowMessage("Configuration file name is restricted to 20 characters at most.", MessageTypes.Error);
return;
}
if (!Directory.Exists(TargetFolderPath.Text))
{
ShowMessage("Cannot find target folder for conversion output.", MessageTypes.Error);
return;
}
if (ConvertUserConfiguration)
{
if (LDAPAccountUnit.Text.Trim().Equals("") || LDAPAccountUnit.Text.Trim().Contains(" "))
{
ShowMessage("LDAP Account Unit field cannot be empty or containt space(s).", MessageTypes.Error);
return;
}
}
VendorParser vendorParser;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
vendorParser = new CiscoParser();
break;
case Vendor.JuniperJunosOS:
vendorParser = new JuniperParser();
break;
case Vendor.JuniperScreenOS:
vendorParser = new ScreenOSParser();
break;
case Vendor.FortiGate:
vendorParser = new FortiGateParser();
break;
case Vendor.PaloAlto:
vendorParser = new PaloAltoParser();
break;
case Vendor.PaloAltoPanorama:
string compressorsDirPath = Directory.GetCurrentDirectory() + Path.DirectorySeparatorChar + "compressors";
string compressorZip = Path.Combine(compressorsDirPath, "zip.exe");
string compressorGtar = Path.Combine(compressorsDirPath, "gtar.exe");
string compressorGzip = Path.Combine(compressorsDirPath, "gzip.exe");
if (!File.Exists(compressorZip) || !File.Exists(compressorGtar) || !File.Exists(compressorGzip))
{
ShowMessage(String.Format("{1}{0}{2}", Environment.NewLine, "The system cannot find the required files. ",
"Please follow"), MessageTypes.Error, "these instructions", "https://github.com/CheckPointSW/SmartMove#smart-connector-and-paloalto-panorama-instructions");
return;
}
vendorParser = new PanoramaParser();
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
Mouse.OverrideCursor = System.Windows.Input.Cursors.Wait;
EnableDisableControls(false);
ProgressPanel.Visibility = Visibility.Visible;
ResultsPanel.Visibility = Visibility.Collapsed;
OutputPanel.Visibility = Visibility.Visible;
UpdateProgress(10, "Parsing configuration file ...");
string vendorFileName = Path.GetFileNameWithoutExtension(ConfigFilePath.Text);
string toolVersion = Assembly.GetExecutingAssembly().GetName().Version.ToString();
string targetFolder = TargetFolderPath.Text + "\\";
bool convertNat = ConvertNATConfiguration;
string ldapAccountUnit = LDAPAccountUnit.Text.Trim();
try
{
string ciscoFile = ConfigFilePath.Text;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.PaloAltoPanorama:
PanoramaParser panParser = (PanoramaParser)vendorParser;
await Task.Run(() => panParser.ParseWithTargetFolder(ciscoFile, targetFolder));
break;
default:
await Task.Run(() => vendorParser.Parse(ciscoFile));
break;
}
}
catch (Exception ex)
{
Mouse.OverrideCursor = null;
EnableDisableControls(true);
OutputPanel.Visibility = Visibility.Collapsed;
ShowMessage(string.Format("Could not parse configuration file.\n\nMessage: {0}\nModule:\t{1}\nClass:\t{2}\nMethod:\t{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
return;
}
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified ASA version.\nCannot find ASA version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 8 || (vendorParser.MajorVersion == 8 && vendorParser.MinorVersion < 3))
{
ShowMessage("Unsupported ASA version (" + vendorParser.Version + ").\nThis tool supports ASA 8.3 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.JuniperJunosOS:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified SRX version.\nCannot find SRX version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 12 || (vendorParser.MajorVersion == 12 && vendorParser.MinorVersion < 1))
{
ShowMessage("Unsupported SRX version (" + vendorParser.Version + ").\nThis tool supports SRX 12.1 and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.JuniperScreenOS:
break;
case Vendor.FortiGate:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified FortiGate version.\nCannot find FortiGate version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 5)
{
ShowMessage("Unsupported FortiGate version (" + vendorParser.Version + ").\nThis tool supports FortiGate 5.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.PaloAlto:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified PaloAlto version.\nCannot find PaloAlto PAN-OS version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
else if (vendorParser.MajorVersion < 7)
{
ShowMessage("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto PAN-OS 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
}
break;
case Vendor.PaloAltoPanorama:
if (string.IsNullOrEmpty(vendorParser.Version))
{
ShowMessage("Unspecified PaloAlto version.\nCannot find PaloAlto Panorama version for the selected configuration.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
else if (vendorParser.MajorVersion < 7)
{
ShowMessage("Unsupported PaloAlto version (" + vendorParser.Version + ").\nThis tool supports PaloAlto Panorama 7.x and above configuration files.\nThe configuration may not parse correctly.", MessageTypes.Warning);
return;
}
break;
}
vendorParser.Export(targetFolder + vendorFileName + ".json");
VendorConverter vendorConverter;
switch (_supportedVendors.SelectedVendor)
{
case Vendor.CiscoASA:
vendorConverter = new CiscoConverter();
break;
case Vendor.JuniperJunosOS:
vendorConverter = new JuniperConverter();
break;
case Vendor.JuniperScreenOS:
vendorConverter = new ScreenOSConverter();
break;
case Vendor.FortiGate:
FortiGateConverter fgConverter = new FortiGateConverter();
fgConverter.OptimizeConf = SkipUnusedObjectsConversion;
fgConverter.ConvertUserConf = ConvertUserConfiguration;
fgConverter.LDAPAccoutUnit = ldapAccountUnit.Trim();
vendorConverter = fgConverter;
break;
case Vendor.PaloAlto:
PaloAltoConverter paConverter = new PaloAltoConverter();
paConverter.OptimizeConf = SkipUnusedObjectsConversion;
paConverter.ConvertUserConf = ConvertUserConfiguration;
paConverter.LDAPAccoutUnit = ldapAccountUnit.Trim();
vendorConverter = paConverter;
break;
case Vendor.PaloAltoPanorama:
PanoramaConverter panoramaConverter = new PanoramaConverter();
panoramaConverter.OptimizeConf = SkipUnusedObjectsConversion;
panoramaConverter.ConvertUserConf = ConvertUserConfiguration;
panoramaConverter.LDAPAccoutUnit = ldapAccountUnit.Trim();
vendorConverter = panoramaConverter;
break;
default:
throw new InvalidDataException("Unexpected!!!");
}
vendorConverter.Initialize(vendorParser, ConfigFilePath.Text, toolVersion, targetFolder, DomainName.Text);
vendorConverter.ConversionProgress += OnConversionProgress;
try
{
await Task.Run(() => vendorConverter.Convert(convertNat));
}
catch (Exception ex)
{
Mouse.OverrideCursor = null;
EnableDisableControls(true);
OutputPanel.Visibility = Visibility.Collapsed;
if (ex is InvalidDataException && ex.Message != null && ex.Message.Contains("Policy exceeds the maximum number"))
{
ShowMessage(String.Format("{1}{0}{2}{0}{3}", Environment.NewLine, "SmartMove is unable to convert the provided policy.",
"Reason: Policy exceeds the maximum number of supported policy layers.",
"To assure the smooth conversion of your data, it is recommended to contact Check Point Professional Services by sending an e-mail to"),
MessageTypes.Error, "*****@*****.**", "mailto:[email protected]");
}
else
{
ShowMessage(string.Format("Could not convert configuration file.\n\nMessage: {0}\nModule:\t{1}\nClass:\t{2}\nMethod:\t{3}", ex.Message, ex.Source, ex.TargetSite.ReflectedType.Name, ex.TargetSite.Name), MessageTypes.Error);
}
return;
}
UpdateProgress(90, "Exporting Check Point configuration ...");
vendorConverter.ExportConfigurationAsHtml();
vendorConverter.ExportPolicyPackagesAsHtml();
if (ConvertNATConfiguration)
{
ConvertedNatPolicyLink.MouseUp -= Link_OnClick;
vendorConverter.ExportNatLayerAsHtml();
//check if the user asked for NAT policy and no rules found.
if (vendorConverter.RulesInNatLayer() == 0) // anly if 0 then we do not show NAT report.
{
ConvertedNatPolicyLink.Style = (Style)ConvertedNatPolicyLink.FindResource("NormalTextBloclStyle");
}
else // otherwise it is single NAT report or Catalog for NAT reports (value = -1)
{
ConvertedNatPolicyLink.Style = (Style)ConvertedNatPolicyLink.FindResource("HyperLinkStyle");
ConvertedNatPolicyLink.MouseUp += Link_OnClick;
}
}
UpdateProgress(100, "");
vendorConverter.ConversionProgress -= OnConversionProgress;
Mouse.OverrideCursor = null;
EnableDisableControls(true);
ProgressPanel.Visibility = Visibility.Collapsed;
ResultsPanel.Visibility = Visibility.Visible;
ShowResults(vendorConverter, vendorParser.ParsedLines);
}