[NetSec] Fortigate Policy Exporter

I wrote a very simple yet useful script to export Fortigate firewall policies in CSV format.

As you can see, it simply catches the keywords of the fields that we want to export and prints the output directly to a file called output.csv.

It is also on GitHub under the GPL.

# Fortigate 5.2.x Policy Exporter v1.0
# Put the output of the "config firewall policy / show" commands into the same directory as this script, as fw.txt.
# It will create a file called output.csv in the same directory.

from __future__ import print_function
import re
import sys

# Read the whole config and join it into a single line.
with open('fw.txt', 'r') as testfile:
    data = testfile.read().replace('\n', '')

# For each keyword, capture the text between it and the next "set".
output0 = re.compile('edit(.*?)set', re.DOTALL | re.IGNORECASE).findall(data)
output1 = re.compile('srcintf(.*?)set', re.DOTALL | re.IGNORECASE).findall(data)
output2 = re.compile('dstintf(.*?)set', re.DOTALL | re.IGNORECASE).findall(data)
output3 = re.compile('srcaddr(.*?)set', re.DOTALL | re.IGNORECASE).findall(data)
output4 = re.compile('dstaddr(.*?)set', re.DOTALL | re.IGNORECASE).findall(data)
output5 = re.compile('service(.*?)set', re.DOTALL | re.IGNORECASE).findall(data)

# Number of rows to write: the shortest list, so the loop never indexes past the end.
rows = min(len(output0), len(output1), len(output2),
           len(output3), len(output4), len(output5))

csv = open('output.csv', 'w')

print("PolicyID,Source Interface,Destination Interface,Source IP,Destination IP,Services", file=csv)

for k in range(0, rows):
    print(output0[k], ",", output1[k], ",", output2[k], ",", output3[k], ",", output4[k], ",", output5[k], file=csv)

csv.close()
print("DONE")
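
A block-aware variant of the export, as an added example that is not part of the original post or the author's GitHub script: it parses each edit ... next block on its own, so a policy that lacks a field gets an empty cell instead of shifting the rows after it. The sample config and the names parse_policies and to_csv are constructed for illustration; it assumes Python 3 and that every set statement sits on a single line.

```python
import csv
import io
import shlex

FIELDS = ["srcintf", "dstintf", "srcaddr", "dstaddr", "service"]
# Constructed sample in the "config firewall policy / show" layout (not device output).
SAMPLE = '''config firewall policy
    edit 1
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "all"
        set dstaddr "web1" "web2"
        set service "HTTP" "HTTPS"
    next
    edit 2
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "lan net"
        set dstaddr "all"
    next
end
'''

def parse_policies(text):
    """Return one dict per 'edit ... next' block, so fields stay with their policy."""
    policies, current = [], None
    for line in text.splitlines():
        tokens = shlex.split(line)  # keeps quoted names with spaces as one token
        if not tokens:
            continue
        if tokens[0] == "edit" and len(tokens) > 1:
            current = {"id": tokens[1]}
        elif tokens[0] == "set" and current is not None and len(tokens) > 2 and tokens[1] in FIELDS:
            current[tokens[1]] = ";".join(tokens[2:])  # multi-value fields joined with ';'
        elif tokens[0] == "next" and current is not None:
            policies.append(current)
            current = None
    return policies

def to_csv(policies):
    """Write rows with the csv module; a field a policy lacks becomes an empty cell."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(["PolicyID"] + FIELDS)
    for p in policies:
        writer.writerow([p["id"]] + [p.get(f, "") for f in FIELDS])
    return buf.getvalue()

if __name__ == "__main__":
    print(to_csv(parse_policies(SAMPLE)), end="")
```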


