Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vijay_Nagaraj
Contributor

Time Based Rules

Hi team,

I have a situation like am able to see lots of time based rules created in the firewall , in the overview screen am able to view 20 time based  rules , due to high volume of rules am not able to scroll it and find it , I tired filtering it , but I could not do it , also I don't have  any 3rd part tools to do the same, as of now I don't have the CLI access also, could any one let me know how to filter the same and see those rules in the dashboard please?

Thanks in advance

V

0 Kudos
8 Replies
Timothy_Hall
Legend Legend
Legend

Since you mentioned the Overview screen, I assume you are referring to the R77.30 SmartDashboard.

From the Firewall tab...Policy, enter "temp" without the quotes in the search box at the top of the rulebase.  This will show you all rules with a time limit (whether currently expired or not).  Enter "exp" in that same search field to see only currently expired rules.

Strangely enough after a few minutes of poking around in the R80.10 SmartConsole I cannot figure out how to apply the above filters to find rules with time limits.  Best I can come up with is doing a "Where Used" on each individual time-based object to clumsily approximate the same thing.  Anyone know a better way?

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Vijay_Nagaraj
Contributor

Hi Tim,

Thanks a lot!! It worked for me!! I tried temp without quotes and I got what I wanted , exp for some reason not working for me !!

V

0 Kudos
Timothy_Hall
Legend Legend
Legend

The "exp" filter will only show something if you have rules that are currently expired.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
PhoneBoy
Admin
Admin

I just searched on the name of the Time object I used (this was in R77.30).

I assume you can do something similar in R80.10 (though I haven't checked yet).

0 Kudos
Timothy_Hall
Legend Legend
Legend

Right but what about rules themselves that have an expiration date set from the "Rule Expiration" menu accessed by right-clicking the rule number and not via the Time column?  Had no problem finding these in R77.30 via the "time" and "exp" filters but can't figure out how to do it in R80.10.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Tomer_Sole
Mentor
Mentor

the "temp" and "expired" rulebase search filters are not available in R80.10. This gap will be closed in our next releases. 

0 Kudos
fwmeister
Contributor

Hi Tomer,

Any idea which version will support exp and temp? R80.20 seems not to have it. 

In addition trying to select/filter only rules with (or without hits) also does not work on R80.20. 

"mgmt_cli -r true -d CUS show access-rulebase offset 0 limit 5 name "MYPolicy Security" details-level "full" use-object-dictionary true show-hits true hits-settings.from-date "2020-02-10" hits-settings.to-date "2020-2-17T23:59" --version 1.3"

returns all rules even those without hits.

show-hits false returns the same 

API doc leaves a lot to be desired. 

 

D

 

0 Kudos
JozkoMrkvicka
Mentor
Mentor

Hello,

in which exact version this limitation reported in 2017 will be fixed? Not available in R81...

Kind regards,
Jozko Mrkvicka
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events