This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Duane_Toler
Advisor
8 hours ago

SmartTask output contains non-printable characters

Sooo... I guess this is normal?

Screenshot 2025-03-14 at 5.47.44 PM.png

Test script is just a simplistic one to get started:

#!/bin/bash
cat $1 >/tmp/pre_publish_dump.txt

printf '{ "result" : "success"}'
exit 0

 

With or without a "\n" at the end of the printf, and when using "echo" instead, the output in SmartConsole is the same after a Publish operation.  Seems kinda weird.

I looked through $MDS_FWDIR/log/cpm.elg as well, and it says the same (no surprise):

14/03/25 21:47:36,705  INFO internal.executors.RunScriptActionExecutor [taskExecutor-316]: Script execution finished, exit code: 0, output: 
{ "result" : "success"}, commandError 
14/03/25 21:47:36,705 ERROR coresvc.internal.JobsSvcImpl [taskExecutor-316]: SmartTask execution output contains non-printable characters. Output as bytes: [10, 123, 32, 34, 114, 101, 115, 117, 108, 116, 34, 32, 58, 32, 34, 115, 117, 99, 99, 101, 115, 115, 34, 125]
14/03/25 21:47:36,705  INFO coresvc.internal.JobsSvcImpl [taskExecutor-316]: Action execution of SmartTask [7707d084-ebb9-4596-a421-2b0b41cf7441] succeeded

 

Just wanna make sure it's not just me going insane... (well,  any more than I already am!).

 

--
Ansible for Check Point APIs series: https://www.youtube.com/@EdgeCaseScenario and Substack
0 Kudos
2 Replies
Duane_Toler
Advisor
8 hours ago

Huzzah!  I found a bug. 🙂  Still doesn't address the original oddity above, tho.

I'll get this to TAC, but in case anyone else tries this:

If you load a Bash script containing a line that checks to match a regular expression, the script import strips out the '~' part:

#!/bin/bash

bad_rule_re="[^[:alnum:] _\.-]"

while read rule_name; do
  if [[ $rule_name =~ ${bad_rule_re} ]]; then
    printf '{ "result" : "failure", "message" : "%s" }\n' "Rule '${rule_name}' must not contain special characters (comma, slash, etc.)."
    exit 0
  fi
done <<<$(cat /tmp/pre_publish.txt |jq -r '.operations."modified-objects"[] |select(."new-object".type == "access-rule")."new-object" |.name ')

 

The "=~" operator on Line 6 gets stripped to just "=".  Oops.

R81.20, MDS, Jumbo HFA 84 (yes, i know, needs to be updated).  JHF release notes didn't have anything for SmartTasks past JHF 79 anyway.

 

--
Ansible for Check Point APIs series: https://www.youtube.com/@EdgeCaseScenario and Substack
0 Kudos
Duane_Toler
Advisor
7 hours ago
In response to Duane_Toler

An alternative workaround, however, that does work:

 

#!/bin/bash

bad_rule_re="[^[:alnum:] _\.-]"

while read rule_name; do
  if echo "${rule_name}" | grep -E -q "${bad_rule_re}" ; then
    printf '{ "result" : "failure", "message" : "%s" }\n' "Rule '${rule_name}' must not contain special characters (comma, slash, etc.)."
    exit 0
  fi
done <<<$(cat /tmp/pre_publish.txt |jq -r '.operations."modified-objects"[] |select(."new-object".type == "access-rule")."new-object" |.name ')

printf '{ "result" : "success"}\n'

exit 0

 

The reason for this check is so that when someone adds/edits a rule in SmartConsole, I don't have to account for special characters in an Ansible playbook later with YAML and the quoting "gotchas".

I'll put this in the CheckMates Toolbox as well.

 

--
Ansible for Check Point APIs series: https://www.youtube.com/@EdgeCaseScenario and Substack
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events