This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Charles_Currier
Employee
Employee
‎2018-08-21 01:56 PM

AWS Dynamic Object Script

Here is a little Script that allows you to have a dynamic object based on the AWS

ip-ranges.json file. The object can be updated on a regular interval or run once.

View the Included README for details.

Updated to v3 to resolve proxy bug.

dyno_aws_v3.tgz
2 Replies
Hybrid_Theory
Participant
‎2019-02-26 07:03 PM

I get this error:

[Expert@TestGW:0]# dyno_aws.sh -o AwsDynObj -a run
Warning, cannot connect to https://ip-ranges.amazonaws.com/ip-ranges.json
[Expert@TestGW:0]# nknown host https://www.ip-ranges.amazonaws.com

No modifications made to the script, running on R77.30 T216.

I am unable to ping that URL either from another trusted source. I can ping the parent domain:

ping amazonaws.com
PING amazonaws.com (72.21.206.80) 56(84) bytes of data.
64 bytes from 206-80.amazon.com (72.21.206.80): icmp_seq=1 ttl=228 time=182 ms
64 bytes from 206-80.amazon.com (72.21.206.80): icmp_seq=2 ttl=228 time=182 ms
64 bytes from 206-80.amazon.com (72.21.206.80): icmp_seq=3 ttl=228 time=182 ms

Also, is it possible to poll a different URL, and use the results to update the dynamic object?

0 Kudos
Charles_Currier
Employee
Employee
‎2019-03-04 09:58 AM

I just tested the default URL and it works correctly - Please check your DNS Settings.
If you want to see more details look at the log file $FWDIR/log/dyno_aws.log.

The README file documents how to run the script and yes you can define a different URL or a local file.

A local file example would be : "dyno_aws.sh -o AwsDynObj  -a on -f /home/admin/ip-ranges.json"

A url example is " dyno_aws.sh -o AwsDynObj  -a on -u https://ip-ranges.amazonaws.com/ip-ranges.json"

0 Kudos