Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
fsanchezwtu
Explorer

CLI command to list Nodes on R.7730

Jump to solution

Dear All.

In the past i remember to have been used a command to list all nodes (objects) on my R77.30.

Im unable to find that command. Can please someone assist me?

0 Kudos
1 Solution

Accepted Solutions
the_rock
Champion
Champion

@fsanchezwtu ...what @Timothy_Hall is referring to is below:

https://www.empirion.co.uk/checkpoint/checkpoint-object-filler-and-object-dumper-ofiller/

I ran it once before (thats exact script I was thinking of actually, so thanks Tim for mentioning it), but this outputs objects in CSV format, not sure if it would give it directly on the screen, but you can try.

Andy

View solution in original post

18 Replies
the_rock
Champion
Champion

You mean list all your network objects (hosts, networks, groups)?

0 Kudos
fsanchezwtu
Explorer

Yes! Exactly that!

0 Kudos
the_rock
Champion
Champion

Hm...thats very good question!! I cant remember back in older versions, but I will see via clish or maybe mgmt_cli commands to get this. If I find it, will update you.

Andy

0 Kudos
Bob_Zimmerman
Advisor

No mgmt_cli on R77.30.

@fsanchezwtu Are you looking for just the names? You may be able to pull that out of $FWDIR/conf/objects_5_0.C like so:

[Expert@DallasSA]# egrep "^\s\s: \(" objects_5_0.C 
		: (Any
		: (All
		: (Any
		: (None
		: ("All Users"
		: (All_Communities
		: (All_GwToGw
		: (Internal_clear
...
fsanchezwtu
Explorer

Is possible to get the names and the IP address?

0 Kudos
the_rock
Champion
Champion

I could have sworn I saw some type of script back in the day that would give all this info. I will look through my old files and emails to see what I can dig out for you.

Andy

0 Kudos
the_rock
Champion
Champion

Correct @Bob_Zimmerman . I keep forgetting its R77.30.

0 Kudos
Timothy_Hall
Champion
Champion

odumper/ofiller or possibly confwiz.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
fsanchezwtu
Explorer

Sorry but i dont understand.

I just need to print on the screen a list of the objects with their ip addresses.

It was a simple command but im unable to find it

0 Kudos
the_rock
Champion
Champion

@fsanchezwtu ...what @Timothy_Hall is referring to is below:

https://www.empirion.co.uk/checkpoint/checkpoint-object-filler-and-object-dumper-ofiller/

I ran it once before (thats exact script I was thinking of actually, so thanks Tim for mentioning it), but this outputs objects in CSV format, not sure if it would give it directly on the screen, but you can try.

Andy

fsanchezwtu
Explorer

No. That is not working.

There must be a commando like get objects or similar

0 Kudos
the_rock
Champion
Champion

I dont sadly have any R77.30 lab at all, but let me try later some commands on R81.10 and see what comes up.

0 Kudos
Bob_Zimmerman
Advisor

That's one of the major advances in R80. It added an API which you can use to get information like this via simple(ish) commands.

For earlier versions, it's all about parsing the contents of the objects_5_0.C file. Tools like confwiz and odumper exist to parse the file and spit out the data in a form which is easier to work with, such as CSV.

the_rock
Champion
Champion

Sorry to say, but I got nothing. What Bob gave is the best, plus what Tim mentioned for ofiller/odumper.

0 Kudos
fsanchezwtu
Explorer

Finally i give up.
I get the file Objects_5_0.C using WinSCP.
I tried with a lot of tools with any luck.
FInally i found an old serever shutdown with windows X32 and executed ofiller.

I think is silly that checkpoint doesn´t have any tool or guide that works for this situation.
every post guides to the api mgmt but that doesnt work.

So. I solved it. Thanks everyone for your time

0 Kudos
the_rock
Champion
Champion

I hear ya, I know it can be frustrating : (. See, Im sure most people are used to old Cisco method where you just do show runn and it spits out everything. With CP, does not work that way, since all the objects and config would be on the management server and such a command does not exist and show configuration wont give you that, sadly. 

0 Kudos
Danny
Champion
Champion

Well.. R77.30 is a long expired Check Point version that doesn't have all the new tools recent versions do.

My Top 10 list of possible solutions:

1 > Upgrade your R77.30 management in a Lab-VM to R81 and extract the data you look for with the tools mentioned here.

2 > Grab cpdb2web for R77.30 as described in sk64501 and run cpdb2html/cpdb2web to collect your data of interest.

3 > Grab Confwiz v1.25 and export the data from your R77.30 management easily.

4 > Use the included bash grep functionality to grep your data of interest directly from your Objects_5_0.C

5 > Use CPParser to extract your data of interest.

6 > Use odumper to grep your data of interest.

7 > Use echo -e "print \n-q\n" | dbedit -local to grep your data of interest (skI3301).

8 > Use other's dbedit examples.

9 > Use cpmiquerybin to grep your data of interest

10 > Search GitHub for applicable scripts to parse your data of interest. (Examples: 1, 2, 3)

JozkoMrkvicka
Leader
Leader

dbedit and/or cpmiquerybin are the command which you are looking for 🙂

How to use the dbedit utility

How to use the 'cpmiquerybin' command to list objects and their attributes

Kind regards,
Jozko Mrkvicka