This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Rabindra_Khadka
Contributor
‎2020-05-01 08:56 AM

How to Block TOR NODE is Checkpoint Firewall R80.30 Version

Dear @PhoneBoy 

 

Please help me to Block the TOR node in checkpoint firewall which is running on R80.30 version.

 

We want to follow step:4 from the link below. But i could not find same configuration in the file IP-blacklist.sh and ip_block.sh in R80.30 version firewall.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

 

we want to block all the IP's in the below

https://secureupdates.checkpoint.com/IP-list/TOR.txt

 

Thank you for you kind co-operation

 

11 Replies
PhoneBoy
Admin
Admin
‎2020-05-01 12:14 PM

What leads you to believe the provided scripts won't work on R80.30?
Have you actually tried them and what were the precise results?
0 Kudos
Rabindra_Khadka
Contributor
‎2020-05-01 09:05 PM
In response to PhoneBoy

I mean there is no such things to make changes in IP-blacklist.sh and ip_block.sh file on the checkpoint firewall running on r80.30.

like suggested on step:4 of below link
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Rabindra_Khadka
Contributor
‎2020-05-01 09:39 PM
In response to Rabindra_Khadka

Do we need to configure both step:3 and step:4 to come in effect or can we choose one of them and configure one of the steps to come in effect.
0 Kudos
Rabindra_Khadka
Contributor
‎2020-05-01 09:51 PM
In response to Rabindra_Khadka

on the step:3 on the link below there is a scrip to download and that script has not mention the OS version of r80.30 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

 

I have attached the screenshot herewith 

tac.png
Preview file
29 KB
0 Kudos
PhoneBoy
Admin
Admin
‎2020-05-02 08:27 AM
In response to Rabindra_Khadka

Like I said, have you actually tried to run the script or are you hung up because the SK doesn't mention R80.30?
Try the scripts.
0 Kudos
Rabindra_Khadka
Contributor
‎2020-05-02 08:31 AM
In response to PhoneBoy

Dear @PhoneBoy

Actually, it the requirement of the customer and i have tried this even in the customer environment, but when i go through the script in r80.30. The given SK doesn't match at all. The script are different in R80.30 then what is said in the SK.

So Maybe, the SK need to be updated or there should be different SK for Newer Version so that we can't be confuse. It will help us understand easier and help us to configure in simple way.

0 Kudos
PhoneBoy
Admin
Admin
‎2020-05-02 10:00 PM
In response to Rabindra_Khadka

I'm not clear if you actually ran the scripts and got an error or won't run the scripts because the download link doesn't say it's compatible with R80.30.
Please clarify this point.
0 Kudos
Rabindra_Khadka
Contributor
‎2020-05-02 10:10 PM
In response to PhoneBoy

So, If i dont modify the script as suggested by the SK and just run the default script which is already there in r80.30 version

Does it block the same IP's from the below link
https://secureupdates.checkpoint.com/IP-list/TOR.txt

0 Kudos
PhoneBoy
Admin
Admin
‎2020-05-02 10:22 PM
In response to Rabindra_Khadka

The downloaded script should run as is.
However, you have to follow the instructions in the Step 3 of sk103154 to ensure that it's going to use the TOR list we maintain.
The modifications mentioned in Step 4 of the SK do not need to be done, and in fact, look wrong or maybe even inappropriate, at least in R80.40.
@Ronen_Zel can you have someone look at this?

0 Kudos
Ronen_Zel
Mod
Mod
‎2020-05-03 04:06 AM
In response to PhoneBoy

We did look into sk103154 and consulted R&D about this. Their reply was:

These are not steps, these are separate independent sections and as it says in the beginning of section [4]:

Important Notes:

0 Kudos
Rabindra_Khadka
Contributor
‎2020-05-03 04:14 AM
In response to Ronen_Zel

 

Thanks @PhoneBoy  Thanks @Ronen_Zel 

 

I will try with step:3 only and update you about this. Thanks for your support.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece
    In-Person

    Tue 25 Mar 2025 @ 09:00 AM (EDT)

    Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!
    In-Person

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap
    In-Person

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events
    Top