- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
This script shows how objects can be migrated from one R80 manager to another R80 or R80.10 manager programmatically using the R80 web APIs, Python, and cpauto.
Script requires at least two R80/R80.10 managers with the web APIs enabled. The source manager should have some host and network objects defined for the demo to be useful.
The provided code is merely an example but is a viable pattern that can be reused for virtually all object types.
Download the ZIP archive and run the enclosed Python script on a system that meets the following requirements:
For more information on cpauto: https://github.com/dana-at-cp/cpauto
Code version 1.0.0
R80, API version 1.0
NOTICE: By using this sample code you agree to terms and conditions in this Not authorized to view the specified document 1042
...
Looks pretty solid. Just tired it with my R80.10, getting connection error, please advice
[docker@nms02m ~]$ python
Python 2.7.5 (default, Aug 2 2016, 04:20:16)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import cpauto
>>> cc=cpauto.CoreClient('root','password','10.254.253.110')
>>> r=cc.login()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/site-packages/cpauto/core/sessions.py", line 196, in login
r = self.http_post('login', send_sid=False, payload=payload)
File "/usr/lib/python2.7/site-packages/cpauto/core/sessions.py", line 161, in http_post
raise ConnectionError('Connection error: ' + str(e))
cpauto.core.exceptions.ConnectionError: Connection error: HTTPSConnectionPool(host='10.254.253.110', port=443): Max retries exceeded with url: /web_api/login (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),))
>>> r.status_code
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'r' is not defined
Hello Irek.
Try again with SSL certificate verification disabled:
>>> cc=cpauto.CoreClient('root','password','10.254.253.110',verify=False)
Thank you , I progressed a little further, getting Missing header error now ?
>>> cc=cpauto.CoreClient('root','password','10.254.253.110',verify=False)
>>> n = cpauto.Network(cc)
>>> r = n.add('Net_10.29.184.0/23', { 'subnet': '10.29.184.0', 'subnet-mask': '255.255.254.0' })
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
>>> r = cc.publish()
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
>>> r.status_code
400
>>> r.json()
{u'message': u'Missing header: [X-chkp-sid]', u'code': u'generic_err_missing_required_header'}
Hey https://community.checkpoint.com/people/iromaacad497a-dc2a-485a-9ac5-c7da8ab74009 ... it looks like you forgot to do cc.login() before attempting to create objects.
now I finally got '200' response but can't find my network object in GUI...removed 'Unverified HTTPS request is being made' from output below
>>> r=cc.login()
>>> n=cpauto.Network(cc)
>>> r=n.add('net_1.1.1.0/23',{'subnet':'1.1.1.0','subnet-mask':'255.255.254.0'})
>>> r=cc.publish()
>>> r.status_code
200
>>> r.json()
{u'tasks': [{u'task-id': u'01234567-89ab-cdef-acb4-f3a1f5148efc', u'status': u'succeeded', u'progress-percentage': 100, u'task-name': u'Publish operation', u'task-details': [{u'revision': u'8cf71891-be04-4780-8519-5b12ed5d8bac', u'publishResponse': {u'numberOfPublishedChanges': 0}}], u'suppressed': False}]}
Hello Irek Romaniuk ... I would check/print the HTTP status code after the network object add. I suspect that the object add returned a non-200 HTTP response.
You could also print the entire response object for more detail.
Correct it returned 400 after he network object added
Is it possible to re-upload the zip file scripts.
I have tried several times to download but keep getting errors preventing me from unzipping using the default Windows 10 Zip client.
Thanks
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY