Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
mmethw2003
Explorer

Disable Policy rules using Python - R77

Hi All,

Am new to Checkpoint so bare with me ....

I have a requirement  to automate unused firewall rules in a box which run on R77. Basically we are getting a list of UUIDs which are not in use for sometimes and we have to manually delete each one.

I thought of writing a script to automate the task. But during the research I have noticed it's not straight forward with R77. Appreciate if someone can guide me ....

0 Kudos
3 Replies
Maik
Advisor

Kinda sure that you do not want to hear this, but the best method would be to upgrade to R80(.30) and use the API (for which a python module exists ~ https://github.com/CheckPointSW/cp_mgmt_api_python_sdk).
Sigbjorn
Advisor

It is possible using dbedit, but its very sensitive, and if you make mistakes, you could end up corrupting your management.

So I fully agree with Maik, it's not worthwhile trying to do this on R77 installations, and I would rather spend resources upgradering to R80.30.

Once you're upgraded, its very easy to accomplish this using the built in API's.

0 Kudos
PhoneBoy
Admin
Admin

While it's certainly possible to do this with R77.x, it's via CLI tools only (dbedit), the process is not documented, and unlikely to be given the R77.x releases are End of Support.
You're better off spending the effort upgrading to R80.30 or R80.40 and using one of the ready-made solutions available on CheckMates that leverage the API.
0 Kudos