This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Yifat_Chen
Employee Alumnus
Employee Alumnus
‎2019-04-14 06:19 AM

R80.20 Jumbo Hotfix Accumulator - New Ongoing Take #74

Hi,

 

A new Ongoing Jumbo Hotfix Accumulator take for R80.20 (take 74) is available. Please refer to sk137592.

 

R80.20 JHF T74 is the same as T73 (including only alignment to Mail Transfer Agent engine).

  • The new releases will not be published via CPUSE as a recommended version.
  • Availability:
    • Will be provided by customer support
    • Available for download via CPUSE by using package identifier


R80.20 JHF Take #74 content:

PRJ-503 - Alignment to Mail Transfer Agent Engine Update. Refer to sk123174.

0 Kudos
3 Replies
NickGriffiths
Participant
‎2019-04-14 08:36 AM

fw monitor filters still appear to be broken in this release (as reported on previous release thread). Tested on R80.20 VM management and 3100 single gateway,

Shame really, as there are a few stability fixes that really should be rolled out; but will be sticking with T47 (on customer environments) until these issues are resolved.

 

0 Kudos
Coby_Schmidt
Employee
Employee
‎2019-04-15 04:42 AM
In response to NickGriffiths

@NickGriffiths.

There was indeed a behavioral change of FW monitor in this take.

 

Up until R80.20 FW monitor was not monitoring accelerated traffic by PPAK. In R80.20 we introduced the ability to monitor this traffic, however it was not enabled by default (Due to high performance impact). One of the reasons for this high performance impact is the inability to use the "-e" filter which is not supported on PPAK.

 

Now, starting from take 73, we have made substantial changes to FW monitor. Together with performance optimizations we have also embedded new filtering abilities in FW monitor.

 

By using "-F" flag you can filter certain connection. For example, to filter a host with the IP “8.8.8.8” you should use: fw monitor -F "8.8.8.8,0,0,0,0" -F "0,0,8.8.8.8,0,0".

The syntax is simple. -F "{src IP}, {src port}, {dst IP},{dst port}, {protocol num}". “0” can be used as a wild card.

For more information about this check  sk30583 ("what is FW monitor") or ask me.

ClaudiaPeter
Contributor
‎2019-07-18 06:56 AM
In response to Coby_Schmidt

Is it intended that "-e" doesn't filter any more, so "-F" is not an additional option but replaces "-e"?

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫