Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vinz129
Participant
Jump to solution

SMS = Specific file list

Hello,

I'm looking for a list of possibly manually modified files located on the SMS (eg. crypt.def, implied_rules.def, ...) which might be worth comparing prior-after an upgrade/migration.

Thanks,

Vinz

1 Solution

Accepted Solutions
HeikoAnkenbrand
Champion Champion
Champion

Hi @Vinz129,

Here I have described the structure of the different files:
R80.x - Policy Installation Flowchart 

Here are the most important config files, which we can customize Check Point INSPECT code individually:
      |-> user.def                                          ->  User-defined implied rules that can be added in Check Point INSPECT language (sk98239) 
      |-> fwui_head.def
                  |-> table.def                             
-> Definitions of various kernel tables for Check Point security gateway (sk98339) 
                  |-> auth.def
                  |-> base.def
                            |-> crypt.def
                   -> VPN encryption macros (sk98241)
                            |-> services.def
                            |-> proxy.def
                            |-> crypt.def

If you are looking for entries that have been changed, use diff to compare an original file with yours. I install the same version under vmware and compare the files with the existing files. So you will quickly find the differences.

Typically, the following three files are edited:
- user.def
- table.def
- crypt.def

 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

View solution in original post

2 Replies
HeikoAnkenbrand
Champion Champion
Champion

Hi @Vinz129,

Here I have described the structure of the different files:
R80.x - Policy Installation Flowchart 

Here are the most important config files, which we can customize Check Point INSPECT code individually:
      |-> user.def                                          ->  User-defined implied rules that can be added in Check Point INSPECT language (sk98239) 
      |-> fwui_head.def
                  |-> table.def                             
-> Definitions of various kernel tables for Check Point security gateway (sk98339) 
                  |-> auth.def
                  |-> base.def
                            |-> crypt.def
                   -> VPN encryption macros (sk98241)
                            |-> services.def
                            |-> proxy.def
                            |-> crypt.def

If you are looking for entries that have been changed, use diff to compare an original file with yours. I install the same version under vmware and compare the files with the existing files. So you will quickly find the differences.

Typically, the following three files are edited:
- user.def
- table.def
- crypt.def

 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
Vinz129
Participant

Hello @HeikoAnkenbrand,

 

ok, great, sounds/looks clear to me.

 

Thanks,

 

Vince

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events