Re: scp with cprid_util

Steve_Vandegaer · ‎2020-10-15

Hi all,

I'm looking for an easy way to get the Gaia config from multiple gateways and store in one place. My ideas was to try this with cpdir_util. I tried:

`$CPDIR/bin/cprid_util -server $IP -timeout 5 -verbose rexec -rcmd /bin/clish -s -c 'save configuration $GW'`
Where GW is a variable, this just saved the config with the name $GW in /

Not getting this to work I just used a fixed name

`$CPDIR/bin/cprid_util -server $IP -timeout 5 -verbose rexec -rcmd /bin/clish -s -c 'save configuration test_steve'`
This saves the file in /

So next I wanted to copy it to the management server

`$CPDIR/bin/cprid_util -server $IP -timeout 5 -verbose rexec -rcmd bash -c "scp /test_steve adminNXO@MGMT_IP:/home/admin/CP_migration/@GW"`

Trying to rename it during the scp. This doesn't work and even when just trying a fixed name the copy isn't done.

Anyone has any way to do this?

Thanks

Maarten_Sjouw · ‎2020-10-15

The error you are making here is that the $GW variable is inside the brackets, that will just be moved over as text as within Clish you cannot use a normal variable this will not work at all.

The second time you will be able to use a variable but is that a variable available locally on the gateway or is it only on the management server that you are running cprid_util from? For the latter, you should try to move the variable outside the brackets so it will be converted first.

Hope it makes sense.

Regards, Maarten

Steve_Vandegaer · ‎2020-10-15

Ok but even this command doesn't do the copy

`$CPDIR/bin/cprid_util -server $IP -timeout 5 -verbose rexec -rcmd bash -c "scp /test_steve adminNXO@MGMT_IP:/home/adminNXO/CP_migration/"`

Here I would expect to see the file test_steve in the folder on the mgmt

Danny · ‎2020-10-15

Try this:

for i in `grep 'sic_name\|ipaddr' $FWDIR/conf/objects.C|grep -A1 sic_name|grep 'ipaddr '|tr -d ':ipadr ()\t'`; do cprid_util -server $i -verbose rexec -rcmd /bin/clish -c "show configuration"; done > gaia_backup_all_$(date +%Y%m%d%H%M)

Steve_Vandegaer · ‎2020-10-15

Any way to replace gaia_backup_all with the hostname of the gw it takes a backup from?

Danny · ‎2020-10-15

Sure, just split gaia_backup_all into single confguration files like this:

csplit -z gaia_backup_all /\#\ Configuration/ '{*}'; for i in xx*; do mv $i $(head -1 $i|awk 'NF>1{print $NF}'); done

Steve_Vandegaer · ‎2020-10-26

Thanks a lot, this saves me a lot of work.

HeikoAnkenbrand · ‎2020-10-26

Hi @Steve_Vandegaer,

use this script:

Easy Backup Tool - (migrate export + all GAIA configs)

This tool creates a backup of all GAIA gateway configurations with one CLI command "ebackup" and more other functions!

Only one CLI command "ebackup"
- Backup of all Gaia gateway configurations (Check Point appliances, Open Server, SMB appliances 11xx, 14xx)
- Migrate export on SMS
- Migrate-server on MDS
- Backup all files to one TGZ file
- FTP upload support backup file
- CP upload support for backup file via cprid_util

or

Easy execute CLI commands on all gateways simultaneously

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

Simon_Macpherso · ‎2021-05-23

Does this script select all gateways, including those that are members of a cluster?

daveTaylor · ‎2023-01-13

Does this only work for R80 versions? I tried it on R81.20 and I get an error [NULL BUF]

SCSupport · ‎2023-03-24

yes it seems R81.x will need some mods to the script

Bob_Zimmerman · ‎2023-03-24

"(NULL BUF)" means CPRID tried to do something which didn't work. Any number of things can cause this. Do you have any other firewall between the management server and the firewalls it manages?

Are you a member of CheckMates?

scp with cprid_util