This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Antoine_Rebuzzi
Participant
‎2019-03-14 12:27 AM
Jump to solution

Policy location on a gateway R80

Hi, 

 

I want to know if it's possible to retrieve the policy on a local gateway. When we do the fw stat, we can see the Policy name but I'm wondering "where" this policy is stored in local (if it's stored at all). 

 

I've search a little bit here, but couldn't find the right answer. 

My overall goal is to try and set let's say an "automated reboot" on a previous Policy from the gateway itself, I'm not sure if it's possible at all but I'm exploring options ;). 

 

Thank you in advance for your help. 

0 Kudos
1 Solution

Accepted Solutions
Danny
MVP Diamond
MVP Diamond
‎2019-03-14 01:29 AM
Jump to solution

On a R80.x gateway the installed policy can be found within $FWDIR/state/local/FW1/

The rulebase for example is within $FWDIR/state/local/FW1/local.rule

To reach your goal of automatically booting a different policy I recommend doing backups of each policy and then automatically select the backup you want to boot from, restore it and reboot. Done.

View solution in original post

(1)
8 Replies
Vincent_Bacher
MVP Silver
MVP Silver
‎2019-03-14 01:19 AM
Jump to solution

Afaik a local copy should be located in $FWDIR/state/__tmp/FW1
to load local copy: fw fetchlocal -d $FWDIR/state/__tmp/FW1

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
Antoine_Rebuzzi
Participant
‎2019-03-14 03:31 AM
In response to Vincent_Bacher
Jump to solution

Thanks 🙂
0 Kudos
PhoneBoy
Admin
Admin
‎2019-03-14 01:23 AM
Jump to solution

The policy is stored in compiled form in $FWDIR/state in several files/directories. When you do an fw fetchlocal, it comes from this directory structure.

Note that only the current policy is stored here, not previous policies. The only supported way to change the policy loaded is to push a new one from the Security Management.

Antoine_Rebuzzi
Participant
‎2019-03-14 03:31 AM
In response to PhoneBoy
Jump to solution

Thanks, you were all pretty fast guys 😉
0 Kudos
George_Ellis
Advisor
‎2025-06-25 12:09 PM
In response to PhoneBoy
Jump to solution

Thanks guys for the directory suggestions (and the other replies)

I found the cheat code.  

cat $FWDIR/state/local/FW1/local.sic_name |grep 'o='|awk -F ,o= '{print $2}'|awk -F . '{print $NR}'

 

Background
cat local.sic_name
sic_name=cn=<fwname>,o=<domainname>..<CAthingy>

 

(1)
the_rock
MVP Diamond
MVP Diamond
‎2025-06-25 06:12 PM
In response to George_Ellis
Jump to solution

Excellent!

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Danny
MVP Diamond
MVP Diamond
‎2019-03-14 01:29 AM
Jump to solution

On a R80.x gateway the installed policy can be found within $FWDIR/state/local/FW1/

The rulebase for example is within $FWDIR/state/local/FW1/local.rule

To reach your goal of automatically booting a different policy I recommend doing backups of each policy and then automatically select the backup you want to boot from, restore it and reboot. Done.

(1)
Antoine_Rebuzzi
Participant
‎2019-03-14 03:31 AM
In response to Danny
Jump to solution

Thanks! Will help a lot.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events