Difference between revisions of "local firewall objects database"

From cpwiki.net
Jump to: navigation, search
Check Point Profressional Services
(commands to run locally on the firewall)
 
(9 intermediate revisions by one user not shown)
Line 2: Line 2:
  
  
Object information such as IPs can be gathered locally on the firewall.  This is useful for situations where you might cat $FWDIR/conf/masters to check the manager and logger configurations.  You might what the associated IP address but not want to take the time to look it up on the GUI.  
+
Object information such as IPs can be gathered locally on the firewall.  This is useful for situations where you might cat $FWDIR/conf/masters to check the manager and logger configurations.  The problem is all that file presents is object names and you might what the associated IP address... but not want to take the time to look it up on the GUI.  
  
 
The local firewall object information can be found in  
 
The local firewall object information can be found in  
 
  $FWDIR/database/objects.C
 
  $FWDIR/database/objects.C
 +
 +
 +
== commands to run locally on the firewall ==
  
  
Line 11: Line 14:
 
  objects.C-                      :ipaddr (192.168.1.100)
 
  objects.C-                      :ipaddr (192.168.1.100)
  
where ''mysmartcenter'' should be replaced with you object name of interest
+
where ''mysmartcenter'' should be replaced with the object name of interest
  
 
a little cleaner command for bash on SPLAT or Gaia  
 
a little cleaner command for bash on SPLAT or Gaia  
  # '''NAME="mysmartcenter"; grep -A 200 -r ": ($NAME" * $FWDIR/database/objects.C | grep -i ipaddr'''
+
  # '''NAME="''object_name_goes_here''"; grep -A 200 -r ": ($NAME" * $FWDIR/database/objects.C | grep -i ipaddr'''
 
   
 
   
 
ipso
 
ipso
  
  # '''set NAME="mysmartcenter"; grep -A 200 -r ": ($NAME" * $FWDIR/database/objects.C | grep -i ipaddr'''
+
  # '''set NAME="''object_name_goes_here''"; grep -A 200 -r ": ($NAME" * $FWDIR/database/objects.C | grep -i ipaddr'''
 +
 
 +
==get smartcenter or CMA info==
 +
 
 +
i=`grep -A 1 "Policy" $FWDIR/conf/masters | grep -v Policy`; grep -E ": \($i|ipaddr" $FWDIR/database/objects.C | grep -iA1 "$i"|tr -d "()":ipaddr | awk '{print $1}'
 +
 
 +
== get logger and IP ==
 +
 
 +
this one works in bash on linux based firewalls or from bash in ipso
 +
  [Expert@myfirewall]# '''i=`awk '/\[Log\]/{p=1;next}p &&/\[Alert\]/{p=0};p' $FWDIR/conf/masters`; grep -E ": \($i|ipaddr" $FWDIR/database/objects.C | grep -iA1 "$i"|tr -d "()":ipaddr | awk '{print $1}''''
 +
  my_clm
 +
  192.168.1.10
 +
 
 +
--- note: bash is not the default shell in ipso(csh is) ---
 +
 
 +
swithing to bash in ipso
 +
mychkpfw[admin]# '''bash'''
 +
[root@mychkpfw ~]#                  <<< new bash prompt
  
 
[[category:misc]]
 
[[category:misc]]

Latest revision as of 17:09, 21 January 2015

Firewall Versions: R65 to R75 (tested)


Object information such as IPs can be gathered locally on the firewall. This is useful for situations where you might cat $FWDIR/conf/masters to check the manager and logger configurations. The problem is all that file presents is object names and you might what the associated IP address... but not want to take the time to look it up on the GUI.

The local firewall object information can be found in

$FWDIR/database/objects.C


commands to run locally on the firewall

# grep -A 200 -r ": (mysmartcenter" * $FWDIR/database/objects.C | grep -i ipaddr
objects.C-                      :ipaddr (192.168.1.100)

where mysmartcenter should be replaced with the object name of interest

a little cleaner command for bash on SPLAT or Gaia

# NAME="object_name_goes_here"; grep -A 200 -r ": ($NAME" * $FWDIR/database/objects.C | grep -i ipaddr

ipso

# set NAME="object_name_goes_here"; grep -A 200 -r ": ($NAME" * $FWDIR/database/objects.C | grep -i ipaddr

get smartcenter or CMA info

i=`grep -A 1 "Policy" $FWDIR/conf/masters | grep -v Policy`; grep -E ": \($i|ipaddr" $FWDIR/database/objects.C | grep -iA1 "$i"|tr -d "()":ipaddr | awk '{print $1}'

get logger and IP

this one works in bash on linux based firewalls or from bash in ipso

 [Expert@myfirewall]# i=`awk '/\[Log\]/{p=1;next}p &&/\[Alert\]/{p=0};p' $FWDIR/conf/masters`; grep -E ": \($i|ipaddr" $FWDIR/database/objects.C | grep -iA1 "$i"|tr -d "()":ipaddr | awk '{print $1}'
 my_clm
 192.168.1.10

--- note: bash is not the default shell in ipso(csh is) ---

swithing to bash in ipso

mychkpfw[admin]# bash
[root@mychkpfw ~]#                   <<< new bash prompt