This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Kaspars_Zibarts
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2018-03-14 05:40 AM

IPCALC on CLI

This migt be old news for some but definitely new news for myself Smiley Happy

Ever wondered to quickly calculate network address, broadcast or mask from a host? Usually it's the online ipcalc but it actually lives in your GW. Good for scripting etc.

## SHOW MASK
[Expert@vsx]# ipcalc -m 190.160.3.100/28
NETMASK=255.255.255.240

## SHOW NETWORK ADDR
[Expert@vsx]# ipcalc -n 190.160.3.100/28
NETWORK=190.160.3.96

## SHOW BROADCAST ADDR
[Expert@vsx]# ipcalc -b 190.160.3.100/28
BROADCAST=190.160.3.111‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍
7 Replies
AlekseiShelepov
Advisor
‎2018-03-14 06:34 AM

I always used netcalc websites to verify mask and network address!

Commands can look like all-in-one:

# ipcalc -nmbp 192.168.1.34/28
NETMASK=255.255.255.240
PREFIX=28
BROADCAST=192.168.1.47
NETWORK=192.168.1.32

It works on Gaia and Splat, but not on IPSO.

Kaspars_Zibarts
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2018-03-14 06:59 AM
In response to AlekseiShelepov

had to learn it after 15 years of using ipcalc online haha

Oliver_Fink
Advisor
Advisor
‎2018-03-16 02:47 AM
In response to Kaspars_Zibarts

I used ipcalc (different program) on my local Mac for years not knowing that it also exists on the firewall gateways.  😕

0 Kudos
Danny
MVP Platinum
MVP Platinum
‎2018-03-14 02:12 PM

Looks like you stumbled upon Yuri Slobodyanyuk's blog post: Subnet calculator in Checkpoint – yurisk.info 

0 Kudos
Gary_Lipets
Participant
‎2018-03-15 11:51 AM

A colleague of mine wrote a python script on a similar topic, the argument it expects is an output of "ifconfig -a" on a firewall. You will get all the locally attached subnets on the firewall, this might be useful to give to your vulnerability scanner to be able to scan all the DMZ's off the firewall

/////////////

#!/usr/bin/python

import sys

input_name = sys.argv[1]

with open(input_name, "r") as f:
contents = f.readlines()

for i, item in enumerate(contents):
if "inet addr:" in item and "Mask:" in item:
interface = contents[i - 1].split()[0]
cidr = 0
ip_octets = ((item.split("inet addr:")[1]).split()[0]).split(".")
subnet_mask_octets = ((item.split("Mask:")[1]).split()[0]).split(".")
for j, item in enumerate(subnet_mask_octets):
if item == "255":
cidr += 8
continue

elif item == "254":
cidr += 7

elif item == "252":
cidr += 6

elif item == "248":
cidr += 5

elif item == "240":
cidr += 4

elif item == "224":
cidr += 3

elif item == "192":
cidr += 2

elif item == "128":
cidr += 1

octet_number = j
octet_value = 256 - int(item)
break

ip_octets[octet_number] = str(int(ip_octets[octet_number]) // octet_value * octet_value)

for j in range(octet_number + 1, 4):
ip_octets[j] = "0"

print "%s/%s %s" %(".".join(ip_octets), cidr, interface)

////

0 Kudos
PhoneBoy
Admin
Admin
‎2018-03-15 03:40 PM

Had no idea we had that utility on Gaia.

Quite useful Smiley Happy

Kaspars_Zibarts
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2018-03-15 11:19 PM
In response to PhoneBoy

Haha great, then I don't feel left out..

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events