This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Mick_OToole
Participant
‎2017-06-28 06:33 AM
Jump to solution

R80.10 Errors

Hi all, I recently uploaded my configuration to the R80.10 Upgrade Verification Service. It came back with 2 errors. One was very easy to fix up (an unsupported UTM-1 appliance) the other one is a little harder to figure out. It says: Corrupted objects ids  Description: Database contains corrupted object ids and therefore objects' functionality will be damaged Please consult support how to fix the following corruption(s): Table: asm Object name: A9F495C17-992D-4451-B3E0-FC35BE3F6D45 Object id: {9F495C17-992D-4451-B3E0-FC35BE3F6D4 ‚

Any ideas?

1 Solution

Accepted Solutions
Tomer_Sole
Mentor
Mentor
‎2017-06-30 06:15 AM
In response to Mick_OToole
Jump to solution

I can confirm to you that fixing asm.C in the case of corrupted asm objects is the right thing to do. Asm is where the IPS settings and protections are stored at (in pre-R80 Management). For equivalent data on R80 and above Management use the API commands. 

Hope this helps

View solution in original post

0 Kudos
5 Replies
Johnathan_McGu1
Explorer
‎2017-06-28 08:46 AM
Jump to solution

Hi Mick,

From sk117237 - R80.10 Pre-Upgrade Verifier notifications and their solutions:

Corrupted object IDs

There are objects with corrupted UID.
For example:

  • UID string length is not 38
  • UID string does not start with "{", does not end with "}"
  • hyphens are not in the right places
  • hex digits are not in the right places

Contact Check Point Support for assistance, or follow the below procedure:

Background

The Object's UID should look like this:
{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
The length of the entire string is 38 characters:
  • 2 brackets - at positions 1 and 38
  • 4 hyphens - at positions 10, 15, 20 and 25
  • 8 hex digits - at positions 2 - 9
  • 4 hex digits - at positions 11 - 14
  • 4 hex digits - at at positions 16 - 19
  • 4 hex digits - at positions 21 - 24
  • 8 hex digits - at positions 26 - 37
  • allowed hex digits - 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f

Procedure

  1. Collect the complete backup (refer to sk108902).
  2. Generate a new UID using the following online generator: http://www.guidgen.com
  3. Edit the $FWDIR/conf/objects_5_0.C file using and advanced text editor (Vi, Notepad++, etc.)
  4. Change the corrupted UID to the generated UID

hope this helps.

0 Kudos
Mick_OToole
Participant
‎2017-06-28 09:30 AM
In response to Johnathan_McGu1
Jump to solution

Hi Jonathan,

I had seen that before (sorry, should have mentioned this in original post) but in the objects_5_0.C file there is no UID matching the one that the installed flagged. 

I did however find the UID in the $FWDIR/conf/asm.C file and I believe that this is the cause of my error.

In the asm.C file I can see the following ...

...

: (A9F495C17-992D-4451-B3E0-FC35BE3F6D45
:AdminInfo (
:ClassName (simple_pattern_definition)
:chkpf_uid ("{9F495C17-992D-4451-B3E0-FC35BE3F6D4 ‚")
:table (asm)

...

I'm pretty sure that should read 

:chkpf_uid ("{9F495C17-992D-4451-B3E0-FC35BE3F6D45}") 

as per the error that I received from the R80.10 Upgrade Verification Service.

Corrupted objects ids

Description:
Database contains corrupted object ids and therefore objects' functionality will be damaged
Please consult support how to fix the following corruption(s):
Table: asm Object name: A9F495C17-992D-4451-B3E0-FC35BE3F6D45 Object id: {9F495C17-992D-4451-B3E0-FC35BE3F6D4 ‚

I am unsure of

1. whether or not modifying the asm.C file is a good idea

2. Will the changes persist after upgrades/policy pushes etc?

Anyone have experience with this?

Mick

0 Kudos
Mick_OToole
Participant
‎2017-06-30 03:15 AM
Jump to solution

In the interest of completeness I thought I would follow up on my original query.

I backed up the asm.C file and made the changes that I suggested in my second post. 

The files were uploaded to Checkpoint and I received notification this morning that my environment is ready for upgrade.

I can only assume that my hunch was correct to modify this asm.C file and I have not had any ill effects in our environment.

I'm going to chalk this down as a win and move on.

I hope this information might be helpful for others in the future.

Mick

0 Kudos
Tomer_Sole
Mentor
Mentor
‎2017-06-30 06:15 AM
In response to Mick_OToole
Jump to solution

I can confirm to you that fixing asm.C in the case of corrupted asm objects is the right thing to do. Asm is where the IPS settings and protections are stored at (in pre-R80 Management). For equivalent data on R80 and above Management use the API commands. 

Hope this helps

0 Kudos
Mick_OToole
Participant
‎2017-06-30 06:33 AM
In response to Tomer_Sole
Jump to solution

Thanks Tomer,

I actually filled in the resolution earlier today but my comment is still being moderated so hasn't been published.

I appreciate the feedback.

Mick

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top