Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Champion
Champion

One-liner to show reserved words within hostnames

👍 Shows reserved words in hostnames quickly > sk169892.
ℹ️ Can be easily changed to also check these in management databases.

One-liner (Bash) to assist identifying unsupported reserved words (sk40179) in hostnames.
In expert mode run:

hostname|tr '-' '\n'|grep -E 'accept|all|All|and|any|Any|apr|Apr|april|April|aug|Aug|august|August|black|blackboxs|blue|broadcasts|call|comment|conn|date|day|debug|dec|Dec|december|December|deffunc|define|delete|delstate|direction|do|domains|drop|dst|dynamic|edge|else|expcall|expires|export|fcall|feb|Feb|february|February|firebrick|foreground|forest|format|fri|Fri|friday|Friday|from|fw1|FW1|fwline|fwrule|gateways|get|getstate|gold|gray|green|hashsize|hold|host|hosts|if|ifaddr|ifid|implies|in|inbound|instate|interface|interfaces|ipsecdata|ipsecmethods|is|jan|Jan|january|January|jul|Jul|july|July|jun|Jun|june|June|kbuf|keep|limit|local|localhost|log|LOG|logics|magenta|mar|Mar|march|March|may|May|mday|medium|modify|mon|Mon|monday|Monday|month|mortrap|navy|netof|nets|nexpires|not|nov|Nov|november|November|oct|Oct|october|October|or|orange|origdport|origdst|origsport|origsrc|other|outbound|packet|packetid|packetlen|pass|r_arg|r_call_counter|r_cdir|r_cflags|r_chandler|r_client_community|r_client_ifs_grp|r_community_left|r_connarg|r_spii_uuid4|r_str_dport|r_str_dst|r_str_ipp|r_str_sport|r_str_src|r_user|record|red|refresh|reject|routers|r_crule|r_ctimeout|r_ctype|r_curr_feature_id|r_data_offset|r_dtmatch|r_dtmflags|r_entry|r_g_offset|r_ipv6|r_mapped_ip|r_mflags|r_mhandler|r_mtimeout|r_oldcdir|r_pflags|r_profile_id|r_ro_client_community|r_ro_dst_sr|r_ro_server_community|r_ro_src_sr|r_scvres|r_server_community|r_server_ifs_grp|r_service_id|r_simple_hdrlen|r_spii_ret|r_spii_tcpseq|r_spii_uuid1|r_spii_uuid2|r_spii_uuid3|sat|Sat|saturday|Saturday|second|sep|Sep|september|September|set|setstate|skipme|skippeer|sr|src|static|sun|Sun|sunday|Sunday|switchs|sync|targets|thu|Thu|thursday|Thursday|to|tod|tue|Tue|tuesday|Tuesday|ufp|vanish|vars|wasskipped|wed|Wed|wednesday|Wednesday|while|xlatedport|xlatedst|xlatemethod|xlatesport|xlatesrc|xor|year|zero|zero_ip|CPM|Global|Web|mon|Mon|monday|Monday|tue|Tue|tuesday|Tuesday|wed|Wed|wednesday|Wednesday|thu|Thu|thursday|Thursday|fri|Fri|friday|Friday|sat|Sat|saturday|Saturday|sun|Sun|sunday|Sunday|jan|Jan|january|January|feb|Feb|february|February|mar|Mar|march|March|apr|Apr|april|April|may|May|jun|Jun|june|June|jul|Jul|july|July|aug|Aug|august|August|sep|Sep|september|September|oct|Oct|october|October|nov|Nov|november|November|dec|Dec|december|December|date|day|month|year|black|blue|cyan|dark|firebrick|foreground|forest|gold|gray|green|magenta|medium|navy|orange|red|sienna|yellow|Account|Alert|Auth|AuthAlert|Duplicate|gateways|host|Long|Mail|netobj|resourceobj|routers|servers|servobj|Short|SnmpTrap|spoof|spoofalert|targets|tracks|ufp|UserDefined|dynobj_list|full_service_list|ip_list|rulenum_list|service_list|target_list|tcpt_list|valid_addrs_list|ipv6|block|cp_mgmt|art|dns_atma|wmp_sami|rtf|sctp|rpc|diameter'; [ $? == 1 ] || echo 'Reserved word found!'; if [[ $(hostname) =~ ^(firewall-1|fw1|FW1|fw-1|mail|smtp)$ ]]; then echo 'Unsecure hostname!'; fi

This one-liner quickly identifies all reserved words within the hostname of a system. These should never be used anywhere within a Check Point configuration and cause an error message even when used in hostnames starting from R80.40 (sk169892). Also keep in mind that using "-" (dash) signs in the Check Point world is bad practice as Check Point's INSPECT code will interprete this as a word separator. I've also experienced issues with dash signs in relation to sk42952. Check Point uses underscores in their solution whenever required (example). But keep in mind that 1400/1500 appliances don't support underscores. Also CIFS/NetBIOS is known to have issues with underscore chracters. Therefore I recommend to use alphabetical characters only within Check Point.

image.png

This one-liner will be integrated within our ccc script starting from version 4.9.

-- More one-liners --

One-liner for Address Spoofing Troubleshooting
One-liner for Remote Address VPN Statistics
One-liner to show VPN topology on gateways

One-liner to show Geo Policy on gateways

0 Replies