Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Champion
Champion

One-liner to update IpToCountry data on Security Managements

👍 Automates all tasks from sk120261
ℹ️ Can be easily scheduled to auto-run at specific times.

One-liner (Bash) to assist updating IpToCountry.csv on Check Point security managements.
In expert mode run:

if [[ `$CPDIR/bin/cpprod_util FwIsFirewallMgmt 2>/dev/null` != *'1'* ]]; then echo; tput bold; echo ' Not a security management!'; tput sgr0; echo; else curl_cli $(if [[ `grep proxy:ip /config/active` ]]; then echo -n '--proxy '; grep proxy:ip /config/active|cut -f2 -d' '|tr -d '\n'; echo -n :; grep proxy:port /config/active|cut -f2 -d' '; fi) -k https://sc1.checkpoint.com/freud2/IpToCountry.csv.gz | zcat > IpToCountry.csv; if [[ $? == 0 ]]; then echo; tput bold; echo -n ' Updating IpToCountry requires '; tput sgr0; tput setab 1; tput setaf 7; tput bold; echo -n 'CPSTOP'; tput sgr0; tput bold; echo -n '! Executing? '; tput sgr0; read -sn1; case $REPLY in '') echo; dos2unix IpToCountry.csv; chown admin:root IpToCountry.csv; chmod 770 IpToCountry.csv; cp $RTDIR/conf/ip2country.csv $RTDIR/conf/ip2country.csv_$(date +%Y%m%d%H%M); cp $INDEXERDIR/conf/ip2country.csv $INDEXERDIR/conf/ip2country.csv_$(date +%Y%m%d%H%M); cpstop; sleep 20; cp -v IpToCountry.csv $RTDIR/conf/ip2country.csv; mv -v IpToCountry.csv $INDEXERDIR/conf/ip2country.csv; cpstart; echo; tput setaf 2; echo 'Update completed!'; tput sgr0;; *) tput setaf 1; echo ' Abort!'; tput sgr0; esac; else echo; tput setaf 1; echo ' Download failed!'; tput sgr0; echo; fi; fi

This one-liner interactively downloads the newest IpToCountry.csv from Check Point, checks if the download needs to be performed via web proxy and asks before cpstop is to be executed. This could easily be changed into a nightly cron job. Please comment if you are interested in this.

This one-liner will be integrated within our ccc script starting from version 4.9.

-- More one-liners --

One-liner for Address Spoofing Troubleshooting
One-liner for Remote Address VPN Statistics
One-liner to show VPN topology on gateways

One-liner to show Geo Policy on gateways

2 Replies
Contributor

Hi Denny,

Can the update be performed automatically without asking to cpstop?

Thanks.

 

Regards,

Jarvis

0 Kudos
Reply
Champion
Champion

Hi @Jarvis_Lin , this isn't possible as the firewall management processes are actively working with these files. So the processes need to be stopped before the files can be replaced. Otherwise Check Point would have probably implemented an automatic update. I think it should be possible to update these files before the management processes are started at system startup. Then you would receive GeoIP updates whenever the system gets restarted.

0 Kudos
Reply