This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
dj0Nz
Advisor
‎2023-03-30 11:46 PM
Jump to solution

Gaia API flaws

Hi,

I was tasked to develop a script lately to check routing and antispoofing on a Check Point cluster. I started with python and the Gaia API but gave up very soon and wrote a shell script because of two flaws:

  1. The show-static-route call returns an error if the requested route is not explicitly set. There is always a route if there is a default gateway.
  2. Other than stated in the documentation, the show-static-route call does not return the outgoing interface, which significantly limits the usefulness of this api call.

Are there plans to correct these issues? 

Cheers
Michael

 

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2023-04-14 04:49 PM
Jump to solution

I did get some feedback from R&D on these questions.
Unfortunately, it is operating as expected.

Generally, these API calls will only show the contents of explicitly configured routes.
The interface is only shown if you configure a route with an explicit interface as the destination.

Interestingly enough, when you use show-routes-static, the interface for the default route is included in the output.
You can see an example in the API docs: https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html#web/show-routes-static~v1.7%20 
It seems like the other API calls for different sources of routes (e.g. show-routes-bgp) includes interfaces in their output.
Which suggests they might be more suitable for your intended purpose.

 

View solution in original post

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2023-03-31 04:52 PM
Jump to solution

What version of the API is it?

0 Kudos
PhoneBoy
Admin
Admin
‎2023-04-03 10:20 AM
In response to dj0Nz
Jump to solution

I've flagged this to the relevant R&D team, will see if I can get some feedback.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-04-14 04:49 PM
Jump to solution

I did get some feedback from R&D on these questions.
Unfortunately, it is operating as expected.

Generally, these API calls will only show the contents of explicitly configured routes.
The interface is only shown if you configure a route with an explicit interface as the destination.

Interestingly enough, when you use show-routes-static, the interface for the default route is included in the output.
You can see an example in the API docs: https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html#web/show-routes-static~v1.7%20 
It seems like the other API calls for different sources of routes (e.g. show-routes-bgp) includes interfaces in their output.
Which suggests they might be more suitable for your intended purpose.

 

0 Kudos
dj0Nz
Advisor
‎2023-04-17 05:26 AM
In response to PhoneBoy
Jump to solution

Okay, "operating as expected" is the answer I was expecting to be honest. I must have missed the show-routes-static call, which is (together with some json queries) all I needed. Code is at Github (https://github.com/dj0nz/cptools/blob/main/gaia_api_poc.py)

Thank you very much! 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top