This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Bill_Ng
Collaborator
‎2018-11-28 06:07 AM

cprid_util for vsx

Hi All,

Can one use cprid_util commands for virtual FWs?  I'm trying to get some info from the virtual firewalls.  I tried using the virtual FW ip address and get no results.  I also tried using the VSX gateway address with vsenv commands and get nothing as well.  Am I missing something?

Thanks,

Bill

Labels
7 Replies
Christian_Hofma
Employee
Employee
‎2018-11-28 12:29 PM

Hi Bill,

cprid only can connect to physical machines as it needs an IP. VS do not need a management IP. Also cprid will not listen on VS ip addresses, but only on VS0 of that system. You can use it to get to a VS, but you need to go to the VS0 of the VS and run your commands there (and vsenv into the right VS beforehand)

hth

Christian

0 Kudos
Bill_Ng
Collaborator
‎2018-11-29 06:29 AM
In response to Christian_Hofma

Thanks Christian.

Would the command look like the following?

cprid_util -server x.x.x.x -verbose rexec -rcmd bash -c "vsenv 3; hostname"

I tried that and it gives me the following.

'bash: vsenv: command not found'

and the hostname returns the vs0 name.

0 Kudos
Kaspars_Zibarts
Employee Employee
Employee
‎2018-11-29 07:48 AM
In response to Bill_Ng

What exactly you are trying to get groom VS? Hostname command will always return vs0 name

0 Kudos
Bill_Ng
Collaborator
‎2018-11-29 08:08 AM
In response to Kaspars_Zibarts

I am looking to script out to get pep information from the VS.

cprid_util -server x.x.x.x -verbose rexec -rcmd bash -c "vsenv 3; pep show user all"

0 Kudos
Kaspars_Zibarts
Employee Employee
Employee
‎2018-11-30 12:35 AM
In response to Bill_Ng

You will have to create a local script on the gateway first and then call it from management using cprid.

Here's the script content, here you define the sources that will allow you executing CP commands remotely including vsenv

#!/bin/bash
source /opt/CPshrd-R80/tmp/.CPprofile.sh
source /opt/CPsuite-R80/fw1/scripts/vsenv.sh
vsenv 6 2>&1 > /dev/null
pep s p a

save it as file, for example in admin directory as test.sh, then add execute permissions

chmod +x /home/admin/test.sh

Then you can call it using cprid

$CPDIR/bin/cprid_util -server 10.1.1.1 -verbose rexec -rcmd bash -c /home/admin/test.sh
Context is set to Virtual Device vsx1_vs-ext (ID 6).
Command: root->show->pdp->all
Source IP ID Connect time Users
=========================================================
127.0.0.1 0x0 13Oct2018 19:34:00 24030

Bill_Ng
Collaborator
‎2018-12-04 07:45 AM
In response to Kaspars_Zibarts

Thanks Kaspars!

0 Kudos
DanielS
Employee
Employee
‎2022-12-22 08:45 PM
In response to Kaspars_Zibarts

So this is a bit old, but I just had to do something similar, and I managed it in a 1 liner. You could extend this to run through multiple domains on the MDS. On my script I have it to clean up my files, but not safe on a public script 🙂

mgmt_cli -r true -d 172.10.20.9 show-gateways-and-servers --format json details-level full | $CPDIR/jq/jq -r '.objects[] | select (.type=="CpmiVsxClusterMember") | [.name,."ipv4-address"]| @csv' | tr -d '"' | sed 's/,/ /'| while read -r gwname ip;do mdsenv 172.10.20.9;cprid_util -server $ip -verbose rexec -rcmd vsx stat -v | awk '$1 ~ /^[0-9]+$/ { print $1 }' | while read virtualSystemID;do echo -e "vsenv $virtualSystemID\nenabled_blades" >> $gwname.txt;done;sed -i '1s/^/#!\/bin\/bash\nsource $CPDIR\/tmp\/.CPprofile.sh\nsource $FWDIR\/scripts\/vsenv.sh\n/' $gwname.txt;cprid_util putfile -server $ip -local_file $gwname.txt -remote_file /var/tmp/$gwname.txt;cprid_util -server $ip -verbose rexec -rcmd chmod +x /var/tmp/$gwname.txt;cprid_util -server $ip -verbose rexec -rcmd bash -c /var/tmp/$gwname.txt;done

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events