cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

R80.20 Jumbo Hotfix Accumulator - New Ongoing Take #73

Employee+
Employee+
0 17 3,867

A new Ongoing Jumbo Hotfix Accumulator take for R80.20 (take 73) is available. Please refer to sk137592.

  • The new releases will not be published via CPUSE as a recommended version.
  • Availability:
    • Will be provided by customer support
    • Available for download via CPUSE by using package identifier

Impotent Note:

  • If you have Jumbo Hotfix Accumulator Take 73 installed on your machines, it must be uninstalled manually before Take 74 installation. 
    For other Jumbo Takes, this is not necessary. 

 

Thanks, 

 Release Managers Group

17 Comments

The R80.20 Jumbo Hotfix Accumulator - New Ongoing Take #73 is not compatible with the fix(es) from sk123174_Mail Transfer Agent Update - What's New ! The GA Take 47 had been compatible. Both Version 31 as 27 show a verification error:

mta_32.pngmta_27.png

 

 

 

 

 

 

 

 

 

 

 

Well - as you can see, the MABDA fix is still compatible 😉😉

Employee+
Employee+

@G_W_Albrecht thanks for the updates. I will forward it to relevant R&D owner. In parallel, please open a ticket. 

Thank you for noticing and forwarding this issue ! Regarding opening a ticket with TAC, this was already suggested here :

Thank you for providing your feedback to SecureKnowledge on sk123174, titled "Mail Transfer Agent Update - What's New".

Your feedback was:

------------------

Impossible to install 80_20_mta Take 31 over R80.20 Jumbo Take_73 - but this sk states that: The updates do not conflict with the regular Jumbo HFAs!

------------------

We understand that this SecureKnowledge solution did not help you to resolve your issue. For further assistance, you can open a service request by logging into Check Point User Center

-------------------------------------------------------------------

But as a CCSP with a small Lab deployment, all i can do is test installs - and report incompatibilities that could easily be replicated by anyone. Opening SR# Tickets for my Lab is out of discussion, i have enough work with the tickets of our customers 😉😉

Employee+
Employee+

Thanks, we are working on a fix at the moment. 

I've installed JHFA T73 onto a 5800 Cluster (and also a 3100 single). In both instances, fw monitor filters e.g. fw monitor -e "accept host(8.8.8.8);" will simply print the entire traffic stream and will not filter as per the query.

This was working fine with JHFA T47. Other functionality appears to be fine and non-conflicting (in my case).

 

 

Employee+
Employee+

@G_W_Albrecht Take 74 was  released today as on-going take with a fix.  

Employee+
Employee+

@NickGriffiths  forward to R&D; We will keep you update. 

 

I have tried to replace R80.20 JT 73 by 74 on GW and SMS:

GW -------------------

GW R80.20 JT 73 uninstall was successfull

GW R80.20 JT 74 install was successfull

R80.20 MTA Update Take 34 install was successfull

R80.20 T101 MABDA sk113410 install was successfull

------------------------

SMS -------------------

SMS R80.20 JT 73 uninstall failed:

[2019-04-15 - 10:25:46]: Initiating uninstall of R80.20 Jumbo Hotfix Accumulator Ongoing (Take 73)
[2019-04-15 - 10:26:02]: <b>Uninstall Failed</b><br><br>There are hotfixes installed on top of R80.20 Jumbo Hotfix Accumulator Ongoing (Take 73).<br><br>Uninstall the hotfix(es) HOTFIX_R80_20_JHF_T33_275_MAIN and try again.

-------------------------

HOTFIX_R80_20_JHF_T33_275_MAIN is part of JT 73 as well as part of JT 74. Downloaded SMS R80.20 JT 74 is shown as installed as part of SMS R80.20 JT 73 !

 

Employee+
Employee+

@G_W_Albrecht  from the sk137592 

"If you have Jumbo Hotfix Accumulator Take 73 installed on your machines, it must be uninstalled manually before Take 74 installation. 
For other Jumbo Takes, this is not necessary"

 

I will highlight it in my post as wel.

Thanks .

 

That manual uninstall fails with the error:

[2019-04-15 - 10:25:46]: Initiating uninstall of R80.20 Jumbo Hotfix Accumulator Ongoing (Take 73)
[2019-04-15 - 10:26:02]: <b>Uninstall Failed</b><br><br>There are hotfixes installed on top of R80.20 Jumbo Hotfix Accumulator Ongoing (Take 73).<br><br>Uninstall the hotfix(es) HOTFIX_R80_20_JHF_T33_275_MAIN and try again.

I have tried the uninstall from both GAiA WebGUI CPUSE and CLI CPUSE, but both failed ! So currently, my SMS is stuck on JT 73...

 

Employee+
Employee+

@G_W_Albrecht  Did you try to uninstall the Hotfix : HOTFIX_R80_20_JHF_T33_275_MAIN and then uninstall Jumbo #73 ?

 

It is impossible to uninstall the Hotfix : HOTFIX_R80_20_JHF_T33_275_MAIN as it has been installed only as part of Jumbo #73 !!!

Employee+
Employee+
Hi, Can you please share a few files so we would understand what exactly happened? Here's what we need: 1. /opt/CPInstLog/DA_Actions.xml 2. $CPDIR/registry/HKLM_registry.data Thanks!

You are welcome - but i can not attach it here, for some reason...

Hi Arik,

i have sent it to you using email !

kind regards,

 

--

Guenther Albrecht

Arrow ECS Internet Security AG   A-1100 Wien, Wienerbergstrasse 11

Tel: +43 1 370 94 40                      Fax: +43 1 370 94 40-333

Employee
Employee

 

@NickGriffiths.

There was indeed a behavioral change of FW monitor in this take.

 

Up until R80.20 FW monitor was not monitoring accelerated traffic by PPAK. In R80.20 we introduced the ability to monitor this traffic, however it was not enabled by default (Due to high performance impact). One of the reasons for this high performance impact is the inability to use the "-e" filter which is not supported on PPAK.

 

Now, starting from take 73, we have made substantial changes to FW monitor. Together with performance optimizations we have also embedded new filtering abilities in FW monitor.

 

By using "-F" flag you can filter certain connection. For example, to filter a host with the IP “8.8.8.8” you should use: fw monitor -F "8.8.8.8,0,0,0,0" -F "0,0,8.8.8.8,0,0".

The syntax is simple. -F "{src IP}, {src port}, {dst IP},{dst port}, {protocol num}". “0” can be used as a wild card.

For more information about this check  sk30583 ("what is FW monitor") or ask me.

Kim_Moberg
Silver

@HeikoAnkenbrand  Please add the new fw monitor to your R80.20 Cheat sheet.

Old one doesn't work any longer.

Thanks