- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Previously - in R77.X envrionments - I had a script that used the command:
# installed_jumbo_take -n
This command appears to have been deprecated in the R80.X code train.
What do you use to get the current jumbo version thats installed?
It looks like I can use cpinfo or the regsitry - but I'm just curious if anyone has a one-liner they've found to be easy and accurate like # installed_jumbo_take -n used to provide?
Thanks
Using cpinfo is a quick option.
[Expert@gw01:0]# cpinfo -y all 2>&1 | grep JUMBO | uniq
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
BUNDLE_R80_20_JUMBO_HF_MAIN Take: 33
After doing a little digging in R77.30 it appears that it uses a simple bash script to return the pretty jumbo output.
Located in: $FWDIR/bin/installed_jumbo_take
The piece I care about:
JUMBO_NAME='R77_30_JUMBO_HF'
$CPDIR/bin/cpprod_util CPPROD_GetValue "CPUpdates/6.0/BUNDLE_${JUMBO_NAME}" SU_Build_Take 0
I just tested it on R80.10 and R80.20 and it appears to work, but the naming standard doesn't seem to follow:
R80.10
JUMBO_NAME='R80_10_JUMBO_HF'
$CPDIR/bin/cpprod_util CPPROD_GetValue "CPUpdates/6.0/BUNDLE_R80_10_JUMBO_HF" SU_Build_Take 0
R80.20
JUMBO_NAME='R80_20_JUMBO_HF_MAIN'
$CPDIR/bin/cpprod_util CPPROD_GetValue "CPUpdates/6.0/BUNDLE_R80_20_JUMBO_HF_MAIN" SU_Build_Take 0
I'm thinking about just tweaking the installed_jumbo_take command and pushing it out as a custom clish command on R80.20 gateway. But I'll check with support to see if they is any reason not to use this logic. I think as long as the R80.10 and R80.20 code train use a consistent naming convention, this should work...
Anyways -- I'm still curious if others have a different solution for this problem.
For those that are curious about the cpprod_util, it is pulling from the registry:
$CPDIR/registry/HKLM_registry.data
Example from R80.20:
: (CPUpdates
:CurrentVersion (6.0)
: (6.0
: (HotFixes
:BUNDLE_R80_20_JUMBO_HF_MAIN (1)
)
: (BUNDLE_R80_20_JUMBO_HF_MAIN
:SilentUninstall (NONE)
:ping_package (1)
:RollbackPackage ("/opt/CPda/backup/")
:PackageFile (Check_Point_R80_20_JUMBO_HF_Bundle_T33_sk137592_FULL.tgz)
:SU_Build_Take (33)
)
)
)
You can find the syntax for different versions here sk98028 - Jumbo Hotfix Accumulator FAQ
You can also use the routine I have implemented in our ccc script.
cpinfo -y all 2>/dev/null | grep JUMBO | tail -n1 | awk '{print $3}'
Try this:
cpinfo -y FW1
Many creative ways to do this, I needed a script to return the jha number only to implemented extended snmp.
Stole a few lines from the check point healthcheck script and came up with a solution that works on both R77.x and R80.x
#!/bin/bash
cp_version=$(cat /etc/cp-release | egrep -ow 'R[0-9\.]+')
cp_underscore_version=$(echo $cp_version | sed 's/\./_/')
installed_jumbo_version=$(grep ":installed_on " /config/active | grep Bundle | grep -v bundle | grep JUMBO | egrep "$cp_version|$cp_underscore_version" | egrep -o 'T[0-9]{1,3}' | tr -d "T" | sort -n | tail -n1)
echo $installed_jumbo_version
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY