This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Avigdor_Sharon
Contributor
‎2015-12-03 10:51 PM

IP Tables

Overview

A python scripts that takes the output of ip-tables and produces a script with a similar Check Point policy

Instructions

See power point slides in the attached zip.

Code Version

Code version 0.0.0

Tested on version

R80, API version 1.0

NOTICE: By using this sample code you agree to terms and conditions in this Terms and Conditions

...

1_iptables.zip
3 Replies
VN_Payers
Participant
‎2020-05-12 11:57 PM

Good morning, I have tested the script and it works very well for the most part, it only gives me problems in one command.

#create in-line layers - one for every chain:
mgmt_cli add layer name sub_policy_INPUT -s id.txt

#create top layer
mgmt_cli add layer name iptables_policy -s id.txt

The add layer command does not exist, but the add access-layer command does exist. I have changed it for the latter.

 

my iptable version is iptables v1.3.5

my CP version is product-version: "Check Point Gaia R80.30 "
os-build: "200"
os-kernel-version: "3.10.0-693cpx86_64"
os-edition: "64-bit"

do you think it will work properly?

 

regards

0 Kudos
Maik
Advisor
‎2020-05-13 01:34 AM
In response to VN_Payers

Without verifying the actual script... if you should run into issues try to modify the login call to specify the api version which should be used ("--version 1"). In this case it would be version 1.0 - if you do not specify this your management server will automatically try to use the latest version (which is 1.5 for R80.30).
0 Kudos
PhoneBoy
Admin
Admin
‎2020-05-13 09:12 AM
In response to VN_Payers

This is a script that was developed for R80 (specifically, the first version).
It might need modification for later versions.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top