- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Dear All.
In the past i remember to have been used a command to list all nodes (objects) on my R77.30.
Im unable to find that command. Can please someone assist me?
@fsanchezwtu ...what @Timothy_Hall is referring to is below:
https://www.empirion.co.uk/checkpoint/checkpoint-object-filler-and-object-dumper-ofiller/
I ran it once before (thats exact script I was thinking of actually, so thanks Tim for mentioning it), but this outputs objects in CSV format, not sure if it would give it directly on the screen, but you can try.
Andy
You mean list all your network objects (hosts, networks, groups)?
Yes! Exactly that!
Hm...thats very good question!! I cant remember back in older versions, but I will see via clish or maybe mgmt_cli commands to get this. If I find it, will update you.
Andy
No mgmt_cli on R77.30.
@fsanchezwtu Are you looking for just the names? You may be able to pull that out of $FWDIR/conf/objects_5_0.C like so:
[Expert@DallasSA]# egrep "^\s\s: \(" objects_5_0.C
: (Any
: (All
: (Any
: (None
: ("All Users"
: (All_Communities
: (All_GwToGw
: (Internal_clear
...
Is possible to get the names and the IP address?
I could have sworn I saw some type of script back in the day that would give all this info. I will look through my old files and emails to see what I can dig out for you.
Andy
Correct @Bob_Zimmerman . I keep forgetting its R77.30.
odumper/ofiller or possibly confwiz.
Sorry but i dont understand.
I just need to print on the screen a list of the objects with their ip addresses.
It was a simple command but im unable to find it
@fsanchezwtu ...what @Timothy_Hall is referring to is below:
https://www.empirion.co.uk/checkpoint/checkpoint-object-filler-and-object-dumper-ofiller/
I ran it once before (thats exact script I was thinking of actually, so thanks Tim for mentioning it), but this outputs objects in CSV format, not sure if it would give it directly on the screen, but you can try.
Andy
No. That is not working.
There must be a commando like get objects or similar
I dont sadly have any R77.30 lab at all, but let me try later some commands on R81.10 and see what comes up.
That's one of the major advances in R80. It added an API which you can use to get information like this via simple(ish) commands.
For earlier versions, it's all about parsing the contents of the objects_5_0.C file. Tools like confwiz and odumper exist to parse the file and spit out the data in a form which is easier to work with, such as CSV.
Sorry to say, but I got nothing. What Bob gave is the best, plus what Tim mentioned for ofiller/odumper.
Finally i give up.
I get the file Objects_5_0.C using WinSCP.
I tried with a lot of tools with any luck.
FInally i found an old serever shutdown with windows X32 and executed ofiller.
I think is silly that checkpoint doesn´t have any tool or guide that works for this situation.
every post guides to the api mgmt but that doesnt work.
So. I solved it. Thanks everyone for your time
I hear ya, I know it can be frustrating : (. See, Im sure most people are used to old Cisco method where you just do show runn and it spits out everything. With CP, does not work that way, since all the objects and config would be on the management server and such a command does not exist and show configuration wont give you that, sadly.
Well.. R77.30 is a long expired Check Point version that doesn't have all the new tools recent versions do.
My Top 10 list of possible solutions:
1 > Upgrade your R77.30 management in a Lab-VM to R81 and extract the data you look for with the tools mentioned here.
2 > Grab cpdb2web for R77.30 as described in sk64501 and run cpdb2html/cpdb2web to collect your data of interest.
3 > Grab Confwiz v1.25 and export the data from your R77.30 management easily.
4 > Use the included bash grep functionality to grep your data of interest directly from your Objects_5_0.C
5 > Use CPParser to extract your data of interest.
6 > Use odumper to grep your data of interest.
7 > Use echo -e "print \n-q\n" | dbedit -local
to grep your data of interest (skI3301).
8 > Use other's dbedit examples.
9 > Use cpmiquerybin to grep your data of interest
10 > Search GitHub for applicable scripts to parse your data of interest. (Examples: 1, 2, 3)
dbedit and/or cpmiquerybin are the command which you are looking for 🙂
How to use the 'cpmiquerybin' command to list objects and their attributes
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY