Importing objects

You can either export existing objects from a firewall or create a new CSV file.

To export the CSV file from a firewall:

1. Connect to the firewall,
2. Go to Objects > Objects,
3. Click on Export.

This file contains all the network objects and groups on your firewall.

IMPORTANT
If you are modifying a CSV file that was exported from a firewall, check that the editing software has not modified the contents of the file, in which case the file may not be imported on the SMC server.

To create a new CSV file, and to find out details about header lines and the parameters to specify according to the object's category, you may:

• Choose to export objects from a firewall,
• Look up the example given on the SMC server as indicated above.

Specifying firewalls on which objects are to be deployed

By default, objects are deployed only on the firewalls that use them. However, in the CSV file, you may indicate the firewalls on which deployment will be forced using the #deployment column.

Example of a Host object being created:

1. Enter the following parameters in the columns of the file header:

   #type,#name,#ip,#ipv6,#resolve,#mac,#deployment,#comment

2. Enter the values corresponding to the parameters in the lines after the header for each Host object to be imported (example):

   host,dns1.google.com,8.8.8.8,2001:4860:4860::8888,,,ALL,"Google Public DNS Server"

The prescribed values of the #resolve parameter are "dynamic" and "static".

The #deployment parameter may take on any of the following values:

• Empty or DEFAULT: this is its default behavior - the object is deployed only on the firewalls that use it.
• ALL: the object is deployed on all firewalls.
• "Firewall 1,Firewall 2": list of firewall names between quotation marks and separated by commas. The object is deployed on these firewalls as well as the firewalls that use it.

You need read/write privileges to import objects.

1. In the Objects menu, click on the icon.
2. Select Import.
3. Select the CSV file to import.
4. If necessary, select the option that allows you to update existing objects by replacing them with objects found in the file.

In case of error, refer to the import summary.

No other actions can be performed on the server while objects are being imported.

1. Start by copying the CSV file on the SMC server using the SSH protocol in the /tmp folder for example.
2. Log in to the SMC server via the console of your hypervisor or in SSH.
3. To import all object types, enter the command:
   smc-import-objects --csv-file /tmp/file.csv.
4. To view imported objects in the SMC web interface, refresh the page or log off and log on again.

Whether each object or group has been imported will be indicated, as well as a summary when the import is complete.

You can also choose the types of objects to import.

EXAMPLE
To import only Host and IP address range objects from a CSV file, enter the command:
smc-import-objects --csv-file /tmp/file.csv --host --range

The commands to be entered according to the type of object are:

Object type	Command
Host	--host
DNS name (FQDN)	--fqdn
Network	--network
IP address range	--range
Router	--router
SLA	--sla
Group 1 When importing a group, objects included in the group must already exist on the SMC server, otherwise the group will not be created. Import them beforehand through another CSV file or create them manually in the web interface.	--group
IP protocol	--protocol
Service (port)	--service
Port group	--servicegroup
Time	--time

Customized variables such as %CUSTOM_X% can be used instead of IPv4 or IPv6 address values in Host, Network and IP address range objects. These customized variables are defined in the Customized variables tab in the Edit firewall panel accessible by double clicking on the line of a firewall in monitoring view.

If an imported object already existed in SMC, an error will appear. You may use the --update option to overwrite the existing object with the one indicated in the CSV file.