Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Luis_Miguel_Mig
Advisor

ExportImportPolicyPackage import error

Hi,
I have been testing https://github.com/CheckPointSW/ExportImportPolicyPackage importing and exporting policy packages in the lab and it was all good.
However I am trying to import a policy package in a production Firewall Manager running r81.10 take 110 (it was initially r80.40 and upgraded to r81.10 a while ago) and the scripts breaks pretty much from the beginning.

These are the errors I get: 
- The trace shows that the script breaks when it tries to publish
-  /opt/CPsuite-R81.10/fw1/log/api.elg shows that publish fails due to "Publish cannot be performed without entering a session name and description"

Exactly the same import operation is successful  in the lab firewall manager  running r81.10 take 95 


Creating a Policy Package named [Policy]

Importing general objects

Adding hosts

Managed to import API object from type host by add-objects-batch API call.
Now trying to publish.

Traceback (most recent call last):
File "import_export_package.py", line 71, in <module>
import_package(client, args)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_package.py", line 56, in import_package
layers_to_attach = import_objects(args.file, client, {}, package, None, args)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_objects.py", line 185, in import_objects
batch_succeeded = add_batch_objects(api_type, command, client, args, batch_payload)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_objects.py", line 862, in add_batch_objects
api_reply = handle_publish(client, api_type)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_objects.py", line 899, in handle_publish
" from said file were not imported!. Message: " + str(publish_reply.error_message),
AttributeError: 'APIResponse' object has no attribute 'error_message'


/opt/CPsuite-R81.10/fw1/log/api.elg


2023-11-08 09:53:01,537 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-157589] - Executing [show-task] of version [1.6.1] (references 1.3)
2023-11-08 09:53:01,538 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-157589] - Outbound Message
---------------------------
ID: 2480
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Wed, 08 Nov 2023 09:53:01 GMT]}
Payload: {
"tasks" : [ {
"task-id" : "abcdef01-2345-6789-a1c6-460bc3c21856",
"task-name" : "add-objects-batch",
"status" : "succeeded",
"progress-percentage" : 100,
"progress-description" : "Operation Complete",
"suppressed" : false,
"task-details" : [ {
"status" : "Batch operation completed successfully"
} ]
} ]
}
--------------------------------------
2023-11-08 09:53:01,539 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-192060] - Inbound Message
----------------------------
ID: 2481
Address: http://127.0.0.1:51133/web_api/v1.6.1/publish
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[2], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {}
--------------------------------------
2023-11-08 09:53:01,539 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-192060] - Executing [publish] of version [1.6.1] (references 1)
2023-11-08 09:53:01,545 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-192060] - Outbound Message
---------------------------
ID: 2481
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], X-chkp-sync-task-id=[01234567-89ab-cdef-ae62-db43e4242700], Date=[Wed, 08 Nov 2023 09:53:01 GMT]}
Payload: {
"task-id" : "01234567-89ab-cdef-ae62-db43e4242700"
}
--------------------------------------
2023-11-08 09:53:01,546 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-157589] - Inbound Message
----------------------------
ID: 2482
Address: http://127.0.0.1:51133/web_api/v1.6.1/show-task
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[76], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {"task-id": "01234567-89ab-cdef-ae62-db43e4242700", "details-level": "full"}
--------------------------------------
2023-11-08 09:53:01,546 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-157589] - Executing [show-task] of version [1.6.1] (references 1.3)
2023-11-08 09:53:01,547 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-157589] - Outbound Message
---------------------------
ID: 2482
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Wed, 08 Nov 2023 09:53:01 GMT]}
Payload: {
"tasks" : [ {
"task-id" : "01234567-89ab-cdef-ae62-db43e4242700",
"task-name" : "Publish operation",
"status" : "in progress",
"progress-percentage" : 0,
"suppressed" : false
} ]
}
--------------------------------------
2023-11-08 09:53:03,550 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-192060] - Inbound Message
----------------------------
ID: 2483
Address: http://127.0.0.1:51133/web_api/v1.6.1/show-task
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[76], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {"task-id": "01234567-89ab-cdef-ae62-db43e4242700", "details-level": "full"}
--------------------------------------
2023-11-08 09:53:03,551 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-192060] - Executing [show-task] of version [1.6.1] (references 1.3)
2023-11-08 09:53:03,552 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-192060] - Outbound Message
---------------------------
ID: 2483
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Wed, 08 Nov 2023 09:53:03 GMT]}
Payload: {
"tasks" : [ {
"task-id" : "01234567-89ab-cdef-ae62-db43e4242700",
"task-name" : "Publish operation",
"status" : "failed",
"progress-percentage" : 100,
"suppressed" : false,
"task-details" : [ {
"fault-message" : "Publish cannot be performed without entering a session name and description."
} ]
} ]
}
--------------------------------------
2023-11-08 09:53:03,553 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-157589] - Inbound Message
----------------------------
ID: 2484
Address: http://127.0.0.1:51133/web_api/v1.6.1/logout
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[2], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {}
--------------------------------------
2023-11-08 09:53:03,554 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-157589] - Executing [logout] of version [1.6.1] (references 1)



0 Kudos
4 Replies
Luis_Miguel_Mig
Advisor

I got it sorted by disabling "all sessions must have a description" at manage/settings -> Sessions -> Advanced

 

 

Hugo_vd_Kooij
Advisor

I would prefer to resolve it by setting the request items all the time.

It makes a lot more sense in the audit logs.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
Luis_Miguel_Mig
Advisor

Me too, but it requires modifying the python script. It may be a good feature request

0 Kudos
PhoneBoy
Admin
Admin

The script is Open Source, so you can submit a pull request with the relevant change.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events