topic One-liner to show reserved words within hostnames in API / CLI Discussion

topic One-liner to show reserved words within hostnames in API / CLI Discussion https://community.checkpoint.com/t5/API-CLI-Discussion/One-liner-to-show-reserved-words-within-hostnames/m-p/98594#M5213 <DIV class=""> <P style="text-align: center;"><span class="lia-unicode-emoji" title=":thumbs_up:">👍</span> Shows reserved words in hostnames quickly > <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk169892" target="_self">sk169892</A>.<BR /><span class="lia-unicode-emoji" title=":information:">ℹ️</span> Can be easily changed to also check these in management databases.</P> <P><SPAN>One-liner (Bash) to assist identifying unsupported reserved words (<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk40179" target="_self"><EM>sk40179</EM></A>) in hostnames.<BR /><STRONG>In <U>expert</U> mode run:<BR /></STRONG></SPAN></P> <LI-CODE lang="markup">echo; if [[ -n `hostname|tr '-' '\n'|grep -E '^accept$|^all$|^All$|^and$|^any$|^Any$|^apr$|^Apr$|^april$|^April$|^aug$|^Aug$|^august$|^August$|^black$|^blackboxs$|^blue$|^broadcasts$|^call$|^comment$|^conn$|^date$|^day$|^debug$|^dec$|^Dec$|^december$|^December$|^deffunc$|^define$|^delete$|^delstate$|^direction$|^do$|^domains$|^drop$|^dst$|^dynamic$|^edge$|^else$|^expcall$|^expires$|^export$|^fcall$|^feb$|^Feb$|^february$|^February$|^firebrick$|^foreground$|^forest$|^format$|^fri$|^Fri$|^friday$|^Friday$|^from$|^fw1$|^FW1$|^fwline$|^fwrule$|^gateways$|^get$|^getstate$|^gold$|^gray$|^green$|^hashsize$|^hold$|^host$|^hosts$|^if$|^ifaddr$|^ifid$|^implies$|^in$|^inbound$|^instate$|^interface$|^interfaces$|^ipsecdata$|^ipsecmethods$|^is$|^jan$|^Jan$|^january$|^January$|^jul$|^Jul$|^july$|^July$|^jun$|^Jun$|^june$|^June$|^kbuf$|^keep$|^limit$|^local$|^localhost$|^log$|^LOG$|^logics$|^magenta$|^mar$|^Mar$|^march$|^March$|^may$|^May$|^mday$|^medium$|^modify$|^mon$|^Mon$|^monday$|^Monday$|^month$|^mortrap$|^navy$|^netof$|^nets$|^nexpires$|^not$|^nov$|^Nov$|^november$|^November$|^oct$|^Oct$|^october$|^October$|^or$|^orange$|^origdport$|^origdst$|^origsport$|^origsrc$|^other$|^outbound$|^packet$|^packetid$|^packetlen$|^pass$|^r_arg$|^r_call_counter$|^r_cdir$|^r_cflags$|^r_chandler$|^r_client_community$|^r_client_ifs_grp$|^r_community_left$|^r_connarg$|^r_spii_uuid4$|^r_str_dport$|^r_str_dst$|^r_str_ipp$|^r_str_sport$|^r_str_src$|^r_user$|^record$|^red$|^refresh$|^reject$|^routers$|^r_crule$|^r_ctimeout$|^r_ctype$|^r_curr_feature_id$|^r_data_offset$|^r_dtmatch$|^r_dtmflags$|^r_entry$|^r_g_offset$|^r_ipv6$|^r_mapped_ip$|^r_mflags$|^r_mhandler$|^r_mtimeout$|^r_oldcdir$|^r_pflags$|^r_profile_id$|^r_ro_client_community$|^r_ro_dst_sr$|^r_ro_server_community$|^r_ro_src_sr$|^r_scvres$|^r_server_community$|^r_server_ifs_grp$|^r_service_id$|^r_simple_hdrlen$|^r_spii_ret$|^r_spii_tcpseq$|^r_spii_uuid1$|^r_spii_uuid2$|^r_spii_uuid3$|^sat$|^Sat$|^saturday$|^Saturday$|^second$|^sep$|^Sep$|^september$|^September$|^set$|^setstate$|^skipme$|^skippeer$|^sr$|^src$|^static$|^sun$|^Sun$|^sunday$|^Sunday$|^switchs$|^sync$|^targets$|^thu$|^Thu$|^thursday$|^Thursday$|^to$|^tod$|^tue$|^Tue$|^tuesday$|^Tuesday$|^ufp$|^vanish$|^vars$|^wasskipped$|^wed$|^Wed$|^wednesday$|^Wednesday$|^while$|^xlatedport$|^xlatedst$|^xlatemethod$|^xlatesport$|^xlatesrc$|^xor$|^year$|^zero$|^zero_ip$|^CPM$|^Global$|^Web$|^mon$|^Mon$|^monday$|^Monday$|^tue$|^Tue$|^tuesday$|^Tuesday$|^wed$|^Wed$|^wednesday$|^Wednesday$|^thu$|^Thu$|^thursday$|^Thursday$|^fri$|^Fri$|^friday$|^Friday$|^sat$|^Sat$|^saturday$|^Saturday$|^sun$|^Sun$|^sunday$|^Sunday$|^jan$|^Jan$|^january$|^January$|^feb$|^Feb$|^february$|^February$|^mar$|^Mar$|^march$|^March$|^apr$|^Apr$|^april$|^April$|^may$|^May$|^jun$|^Jun$|^june$|^June$|^jul$|^Jul$|^july$|^July$|^aug$|^Aug$|^august$|^August$|^sep$|^Sep$|^september$|^September$|^oct$|^Oct$|^october$|^October$|^nov$|^Nov$|^november$|^November$|^dec$|^Dec$|^december$|^December$|^date$|^day$|^month$|^year$|^black$|^blue$|^cyan$|^dark$|^firebrick$|^foreground$|^forest$|^gold$|^gray$|^green$|^magenta$|^medium$|^navy$|^orange$|^red$|^sienna$|^yellow$|^Account$|^Alert$|^Auth$|^AuthAlert$|^Duplicate$|^gateways$|^host$|^Long$|^Mail$|^netobj$|^resourceobj$|^routers$|^servers$|^servobj$|^Short$|^SnmpTrap$|^spoof$|^spoofalert$|^targets$|^tracks$|^ufp$|^UserDefined$|^dynobj_list$|^full_service_list$|^ip_list$|^rulenum_list$|^service_list$|^target_list$|^tcpt_list$|^valid_addrs_list$|^ipv6$|^block$|^cp_mgmt$|^art$|^dns_atma$|^wmp_sami$|^rtf$|^sctp$|^rpc$|^diameter$'` ]]; then echo 'Reserved word found!'; else echo 'No reserved words found!'; fi; if [[ -n `hostname|grep -E '^firewall-1$|^fw1$|^FW1$|^fw-1$|^mail$|^smtp$'` ]]; then echo 'Unsecure hostname!'; else echo 'Secure hostname!'; fi; echo</LI-CODE> <P><IMG style="display: block; margin-left: auto; margin-right: auto;" class="image-1 j-img-centered jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/66833_pastedImage_10.png" border="0" width="38" height="37" /></P> <P><SPAN>This one-liner quickly identifies all reserved words within the hostname of a system. These should never be used anywhere within a Check Point configuration and cause an error message even when used in hostnames starting from R80.40 (<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk169892" target="_self"><EM>sk169892</EM></A>). Also keep in mind that using "-" (dash) signs in the Check Point world is <U>bad practice</U> as Check Point's INSPECT code will interprete this as a word separator. I've also experienced issues with dash signs in relation to <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk42952" target="_self">sk42952</A>. Check Point uses underscores in their solution whenever required (<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk117237&partition=General&product=Security#Warnings" target="_self"><EM>example</EM></A>). But keep in mind that 1400/1500 appliances don't support underscores. Also CIFS/NetBIOS is known to have issues with underscore chracters. Therefore I recommend to use alphabetical characters only within Check Point.</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 360px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/8330i58350A32ADD8A6E7/image-size/large?v=v2&px=999" role="button" title="image.png" alt="image.png" /></span></P> <P><SPAN>Integrated with our <STRONG><A href="https://community.checkpoint.com/docs/DOC-2214-common-check-point-commands-ccc" target="_blank" rel="noopener">ccc script</A></STRONG>.</SPAN></P> <P><EM>-- More one-liners --</EM></P> <P><EM><A href="https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/One-liner-for-Address-Spoofing-Troubleshooting/m-p/33204" target="_self">One-liner for Address Spoofing Troubleshooting</A><BR /><A href="https://community.checkpoint.com/t5/Remote-Access-Solutions/One-liner-for-Remote-Access-VPN-Statistics/m-p/79047" target="_self">One-liner for Remote Address VPN Statistics</A><BR /><A href="https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/One-liner-to-show-VPN-topology-on-gateways/td-p/57975" target="_self">One-liner to show VPN topology on gateways</A></EM><BR /><EM><A href="https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/One-liner-to-show-Geo-Policy-on-gateways/m-p/57922" target="_self">One-liner to show Geo Policy on gateways</A></EM></P> </DIV> Sat, 01 Jan 2022 15:30:06 GMT Danny 2022-01-01T15:30:06Z One-liner to show reserved words within hostnames https://community.checkpoint.com/t5/API-CLI-Discussion/One-liner-to-show-reserved-words-within-hostnames/m-p/98594#M5213 <DIV class=""> <P style="text-align: center;"><span class="lia-unicode-emoji" title=":thumbs_up:">👍</span> Shows reserved words in hostnames quickly > <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk169892" target="_self">sk169892</A>.<BR /><span class="lia-unicode-emoji" title=":information:">ℹ️</span> Can be easily changed to also check these in management databases.</P> <P><SPAN>One-liner (Bash) to assist identifying unsupported reserved words (<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk40179" target="_self"><EM>sk40179</EM></A>) in hostnames.<BR /><STRONG>In <U>expert</U> mode run:<BR /></STRONG></SPAN></P> <LI-CODE lang="markup">echo; if [[ -n `hostname|tr '-' '\n'|grep -E '^accept$|^all$|^All$|^and$|^any$|^Any$|^apr$|^Apr$|^april$|^April$|^aug$|^Aug$|^august$|^August$|^black$|^blackboxs$|^blue$|^broadcasts$|^call$|^comment$|^conn$|^date$|^day$|^debug$|^dec$|^Dec$|^december$|^December$|^deffunc$|^define$|^delete$|^delstate$|^direction$|^do$|^domains$|^drop$|^dst$|^dynamic$|^edge$|^else$|^expcall$|^expires$|^export$|^fcall$|^feb$|^Feb$|^february$|^February$|^firebrick$|^foreground$|^forest$|^format$|^fri$|^Fri$|^friday$|^Friday$|^from$|^fw1$|^FW1$|^fwline$|^fwrule$|^gateways$|^get$|^getstate$|^gold$|^gray$|^green$|^hashsize$|^hold$|^host$|^hosts$|^if$|^ifaddr$|^ifid$|^implies$|^in$|^inbound$|^instate$|^interface$|^interfaces$|^ipsecdata$|^ipsecmethods$|^is$|^jan$|^Jan$|^january$|^January$|^jul$|^Jul$|^july$|^July$|^jun$|^Jun$|^june$|^June$|^kbuf$|^keep$|^limit$|^local$|^localhost$|^log$|^LOG$|^logics$|^magenta$|^mar$|^Mar$|^march$|^March$|^may$|^May$|^mday$|^medium$|^modify$|^mon$|^Mon$|^monday$|^Monday$|^month$|^mortrap$|^navy$|^netof$|^nets$|^nexpires$|^not$|^nov$|^Nov$|^november$|^November$|^oct$|^Oct$|^october$|^October$|^or$|^orange$|^origdport$|^origdst$|^origsport$|^origsrc$|^other$|^outbound$|^packet$|^packetid$|^packetlen$|^pass$|^r_arg$|^r_call_counter$|^r_cdir$|^r_cflags$|^r_chandler$|^r_client_community$|^r_client_ifs_grp$|^r_community_left$|^r_connarg$|^r_spii_uuid4$|^r_str_dport$|^r_str_dst$|^r_str_ipp$|^r_str_sport$|^r_str_src$|^r_user$|^record$|^red$|^refresh$|^reject$|^routers$|^r_crule$|^r_ctimeout$|^r_ctype$|^r_curr_feature_id$|^r_data_offset$|^r_dtmatch$|^r_dtmflags$|^r_entry$|^r_g_offset$|^r_ipv6$|^r_mapped_ip$|^r_mflags$|^r_mhandler$|^r_mtimeout$|^r_oldcdir$|^r_pflags$|^r_profile_id$|^r_ro_client_community$|^r_ro_dst_sr$|^r_ro_server_community$|^r_ro_src_sr$|^r_scvres$|^r_server_community$|^r_server_ifs_grp$|^r_service_id$|^r_simple_hdrlen$|^r_spii_ret$|^r_spii_tcpseq$|^r_spii_uuid1$|^r_spii_uuid2$|^r_spii_uuid3$|^sat$|^Sat$|^saturday$|^Saturday$|^second$|^sep$|^Sep$|^september$|^September$|^set$|^setstate$|^skipme$|^skippeer$|^sr$|^src$|^static$|^sun$|^Sun$|^sunday$|^Sunday$|^switchs$|^sync$|^targets$|^thu$|^Thu$|^thursday$|^Thursday$|^to$|^tod$|^tue$|^Tue$|^tuesday$|^Tuesday$|^ufp$|^vanish$|^vars$|^wasskipped$|^wed$|^Wed$|^wednesday$|^Wednesday$|^while$|^xlatedport$|^xlatedst$|^xlatemethod$|^xlatesport$|^xlatesrc$|^xor$|^year$|^zero$|^zero_ip$|^CPM$|^Global$|^Web$|^mon$|^Mon$|^monday$|^Monday$|^tue$|^Tue$|^tuesday$|^Tuesday$|^wed$|^Wed$|^wednesday$|^Wednesday$|^thu$|^Thu$|^thursday$|^Thursday$|^fri$|^Fri$|^friday$|^Friday$|^sat$|^Sat$|^saturday$|^Saturday$|^sun$|^Sun$|^sunday$|^Sunday$|^jan$|^Jan$|^january$|^January$|^feb$|^Feb$|^february$|^February$|^mar$|^Mar$|^march$|^March$|^apr$|^Apr$|^april$|^April$|^may$|^May$|^jun$|^Jun$|^june$|^June$|^jul$|^Jul$|^july$|^July$|^aug$|^Aug$|^august$|^August$|^sep$|^Sep$|^september$|^September$|^oct$|^Oct$|^october$|^October$|^nov$|^Nov$|^november$|^November$|^dec$|^Dec$|^december$|^December$|^date$|^day$|^month$|^year$|^black$|^blue$|^cyan$|^dark$|^firebrick$|^foreground$|^forest$|^gold$|^gray$|^green$|^magenta$|^medium$|^navy$|^orange$|^red$|^sienna$|^yellow$|^Account$|^Alert$|^Auth$|^AuthAlert$|^Duplicate$|^gateways$|^host$|^Long$|^Mail$|^netobj$|^resourceobj$|^routers$|^servers$|^servobj$|^Short$|^SnmpTrap$|^spoof$|^spoofalert$|^targets$|^tracks$|^ufp$|^UserDefined$|^dynobj_list$|^full_service_list$|^ip_list$|^rulenum_list$|^service_list$|^target_list$|^tcpt_list$|^valid_addrs_list$|^ipv6$|^block$|^cp_mgmt$|^art$|^dns_atma$|^wmp_sami$|^rtf$|^sctp$|^rpc$|^diameter$'` ]]; then echo 'Reserved word found!'; else echo 'No reserved words found!'; fi; if [[ -n `hostname|grep -E '^firewall-1$|^fw1$|^FW1$|^fw-1$|^mail$|^smtp$'` ]]; then echo 'Unsecure hostname!'; else echo 'Secure hostname!'; fi; echo</LI-CODE> <P><IMG style="display: block; margin-left: auto; margin-right: auto;" class="image-1 j-img-centered jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/66833_pastedImage_10.png" border="0" width="38" height="37" /></P> <P><SPAN>This one-liner quickly identifies all reserved words within the hostname of a system. These should never be used anywhere within a Check Point configuration and cause an error message even when used in hostnames starting from R80.40 (<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk169892" target="_self"><EM>sk169892</EM></A>). Also keep in mind that using "-" (dash) signs in the Check Point world is <U>bad practice</U> as Check Point's INSPECT code will interprete this as a word separator. I've also experienced issues with dash signs in relation to <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk42952" target="_self">sk42952</A>. Check Point uses underscores in their solution whenever required (<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk117237&partition=General&product=Security#Warnings" target="_self"><EM>example</EM></A>). But keep in mind that 1400/1500 appliances don't support underscores. Also CIFS/NetBIOS is known to have issues with underscore chracters. Therefore I recommend to use alphabetical characters only within Check Point.</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 360px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/8330i58350A32ADD8A6E7/image-size/large?v=v2&px=999" role="button" title="image.png" alt="image.png" /></span></P> <P><SPAN>Integrated with our <STRONG><A href="https://community.checkpoint.com/docs/DOC-2214-common-check-point-commands-ccc" target="_blank" rel="noopener">ccc script</A></STRONG>.</SPAN></P> <P><EM>-- More one-liners --</EM></P> <P><EM><A href="https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/One-liner-for-Address-Spoofing-Troubleshooting/m-p/33204" target="_self">One-liner for Address Spoofing Troubleshooting</A><BR /><A href="https://community.checkpoint.com/t5/Remote-Access-Solutions/One-liner-for-Remote-Access-VPN-Statistics/m-p/79047" target="_self">One-liner for Remote Address VPN Statistics</A><BR /><A href="https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/One-liner-to-show-VPN-topology-on-gateways/td-p/57975" target="_self">One-liner to show VPN topology on gateways</A></EM><BR /><EM><A href="https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/One-liner-to-show-Geo-Policy-on-gateways/m-p/57922" target="_self">One-liner to show Geo Policy on gateways</A></EM></P> </DIV> Sat, 01 Jan 2022 15:30:06 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/One-liner-to-show-reserved-words-within-hostnames/m-p/98594#M5213 Danny 2022-01-01T15:30:06Z