Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

How to Block TOR NODE is Checkpoint Firewall R80.30 Version

Dear @PhoneBoy 

 

Please help me to Block the TOR node in checkpoint firewall which is running on R80.30 version.

 

We want to follow step:4 from the link below. But i could not find same configuration in the file IP-blacklist.sh and ip_block.sh in R80.30 version firewall.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

 

we want to block all the IP's in the below

https://secureupdates.checkpoint.com/IP-list/TOR.txt

 

Thank you for you kind co-operation

 

11 Replies
Highlighted
Admin
Admin

What leads you to believe the provided scripts won't work on R80.30?
Have you actually tried them and what were the precise results?
0 Kudos
Highlighted
Contributor

I mean there is no such things to make changes in IP-blacklist.sh and ip_block.sh file on the checkpoint firewall running on r80.30.

like suggested on step:4 of below link
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Highlighted
Contributor

Do we need to configure both step:3 and step:4 to come in effect or can we choose one of them and configure one of the steps to come in effect.
0 Kudos
Highlighted
Contributor

on the step:3 on the link below there is a scrip to download and that script has not mention the OS version of r80.30 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

 

I have attached the screenshot herewith 

0 Kudos
Highlighted
Admin
Admin

Like I said, have you actually tried to run the script or are you hung up because the SK doesn't mention R80.30?
Try the scripts.
0 Kudos
Highlighted
Contributor

Dear @PhoneBoy

Actually, it the requirement of the customer and i have tried this even in the customer environment, but when i go through the script in r80.30. The given SK doesn't match at all. The script are different in R80.30 then what is said in the SK.

So Maybe, the SK need to be updated or there should be different SK for Newer Version so that we can't be confuse. It will help us understand easier and help us to configure in simple way.

0 Kudos
Highlighted
Admin
Admin

I'm not clear if you actually ran the scripts and got an error or won't run the scripts because the download link doesn't say it's compatible with R80.30.
Please clarify this point.
0 Kudos
Highlighted
Contributor

So, If i dont modify the script as suggested by the SK and just run the default script which is already there in r80.30 version

Does it block the same IP's from the below link
https://secureupdates.checkpoint.com/IP-list/TOR.txt

0 Kudos
Highlighted
Admin
Admin

The downloaded script should run as is.
However, you have to follow the instructions in the Step 3 of sk103154 to ensure that it's going to use the TOR list we maintain.
The modifications mentioned in Step 4 of the SK do not need to be done, and in fact, look wrong or maybe even inappropriate, at least in R80.40.
@Ronen_Zel can you have someone look at this?

0 Kudos
Highlighted

We did look into sk103154 and consulted R&D about this. Their reply was:

These are not steps, these are separate independent sections and as it says in the beginning of section [4]:

Important Notes:

0 Kudos
Highlighted
Contributor

 

Thanks @PhoneBoy  Thanks @Ronen_Zel 

 

I will try with step:3 only and update you about this. Thanks for your support.

0 Kudos