A Flask-based web application that automates the migration of firewall configurations across different vendors. This tool simplifies the complex process of translating network interface mappings and firewall rules from one platform to another.
The Firewall Configuration Migration Tool provides a user-friendly interface for:
- Configuration Parsing: Automatically parse firewall configurations from multiple vendors
- Interface Mapping: Interactively map interfaces from old firewalls to new hardware
- Configuration Generation: Generate new configurations with updated interface mappings
- Export: Download the migrated configuration ready for deployment
- Cisco (IOS, ASA)
- Fortinet FortiGate
- Palo Alto Networks
- Check Point
- Juniper Networks
- SonicWall
- pfSense
- Python 3.8 or higher
- pip (Python package manager)
-
Clone the repository
git clone https://github.com/minaa66/Morad_same_firewall_migration.git cd Morad_same_firewall_migration -
Create a virtual environment (recommended)
python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate
-
Install dependencies
pip install -r requirements.txt
Linux/macOS:
python app.pyWindows:
python app.pyOr use the provided batch script:
start_firewall_tool.batThe application will be available at: http://localhost:5000
β¨ Multi-Vendor Support: Parse and migrate configurations from 7 different firewall vendors
π Automatic Interface Mapping: Intelligent algorithms for suggesting interface mappings based on configuration analysis
π¨ Interactive Web UI: Intuitive step-by-step workflow for configuration migration
π Session Management: Secure file-based session storage for handling large configurations
β Validation: Built-in validation checks to warn about potential issues
π₯ Bulk Upload: Support for multiple file formats (.txt, .cfg, .conf, .config)
π€ Export Ready: Download migrated configurations in standard format
βββ app.py # Main Flask application
βββ requirements.txt # Python dependencies
βββ core/ # Core migration logic
β βββ config_generator.py # Configuration generation engine
β βββ interface_mapper.py # Interface mapping logic
β βββ session_manager.py # File-based session management
βββ parsers/ # Vendor-specific parsers
β βββ cisco_parser.py
β βββ fortigate_parser.py
β βββ paloalto_parser.py
β βββ checkpoint_parser.py
β βββ juniper_parser.py
β βββ sonicwall_parser.py
β βββ pfsense_parser.py
βββ templates/ # HTML templates for web interface
βββ uploads/ # Temporary file storage
βββ sample_configs/ # Example configuration files
βββ create_shortcut.bat # Windows shortcut creation script
βββ start_firewall_tool.bat # Windows startup script
βββ python-3.14.0-amd64.exe # Python runtime (Windows)
- Upload Configurations - Upload old and new firewall configuration files
- Select Vendor - Choose the firewall vendor type
- Map Interfaces - Review and adjust automatic interface mappings
- Validate - Verify all mappings are correct
- Preview - Review the generated configuration
- Export - Download the migrated configuration file
Main Flask application handling:
- Routes and request processing
- File upload management
- Session management
- Configuration workflow orchestration
Handles:
- Automatic interface mapping generation
- Mapping validation
- Conflict detection and warnings
Responsible for:
- Reading original configurations
- Applying interface mappings
- Generating new firewall configurations
Manages:
- File-based session storage
- Large configuration data handling
- Session cleanup and lifecycle
Vendor-specific parser modules:
- Parse interface configurations
- Extract relevant network settings
- Standardize data format for processing
requirements.txt- Python package dependencies (Flask, Werkzeug, etc.)- Sample configurations in
sample_configs/directory for testing
.txt- Text files.cfg- Configuration files.conf- Configuration files.config- Configuration files
Maximum file size: 10MB
The application includes comprehensive error handling for:
- Invalid file formats
- Missing interface data
- File size violations
- Session expiration
- Configuration parsing errors
- Secure filename handling
- File upload validation
- Session-based data storage
- File size limits (10MB)
- Temporary file cleanup
- Chrome (latest)
- Firefox (latest)
- Safari (latest)
- Edge (latest)
| Endpoint | Method | Description |
|---|---|---|
/ |
GET | Main landing page |
/upload |
GET, POST | Upload old and new configuration files |
/mapping |
GET | Interactive interface mapping interface |
/update_mapping |
POST | Update interface mappings via AJAX |
/validate_mappings |
GET | Validate current mappings |
/preview |
GET | Preview generated configuration |
/export |
GET | Export final configuration file |
/cleanup_session |
GET | Clean up session data |
If port 5000 is already in use, modify the port in app.py:
app.run(debug=True, host='0.0.0.0', port=5001)Ensure all requirements are installed:
pip install --upgrade -r requirements.txt- Verify file format is supported (.txt, .cfg, .conf, .config)
- Check file size is under 10MB
- Ensure both old and new configuration files are selected
- Handles configurations up to 10MB
- File-based session storage for scalability
- Optimized interface mapping algorithms
- Real-time validation feedback
- Database-backed session storage
- Advanced configuration validation rules
- Support for additional firewall vendors
- Batch processing capabilities
- Configuration comparison tools
- API endpoints for programmatic access
This project is provided as-is for firewall configuration migration purposes.
For issues, questions, or contributions, please open an issue on GitHub.
Created by minaa66
Last Updated: 2026-03-20 16:13:56