Screen OS

Hi all,

one of our customers asked for the following:

- A list of all IP addresses in use by any policy

Simple enough, you wouldthink, right? Right? Nope, at least not for me:

# get policy all | include 192.168.1

returns a number of policies with 192.168.1 addresses in it.Fair enough, but my first problem is that output contains e.g.:

192.168.1.23~

Nou would that be 192.168.1.231? .232? of 192.168.1.23/32?

The same problem arises for address book entries:

# get address book

ABookEntry~     192.168.1.23~

ABookEntry~     192.168.1.23~

ABookEntry~     192.168.1.23~

AddressBo~     192.168.1.21~

Now we also found the second problem: I cannot search by get policy | include when the address book entries do not contain the address or subnet - as is best practice.

Does anyone know how to get 'resolve' address book entries to addresses? And at the same time expand the columns so that no summarization takes place?

Thanks in advance, would be much, much appreciated!

Best regards,

Alex

Hey Alex - I use a nice tool published on sourceforge. Here is the link to it:

http://ns2html.sourceforge.net/

It extracts the configs and formats them into very nice, readable html documents. Very helpful tool.

Hey Kevin,

that is a helpful tool indeed!

Solves only part of my problem though, which is too bad for me

I really need this Address Book to true address resolving... then again, with this tool as an example I might be able to write something myself... hmmmm....

Thanks for tip!

Alex