cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

R77.20.80, cpdiag and crond

During testing R77.20.80 EA versions, cpdiag was mentioned in the email conversation by CP specialists. I can even search SKs for cpdiag and will even find sk123294 R77.20.80 for Small and Medium Business Appliances in the list of results, but the term/command is not mentioned in the documents visible part (same is true of sk97443: Support Debug Tools). So what does it really do when used as a command ? Download an update:


[Expert@zwelfhundertr]# cpdiag
Log path: /opt/fw1/log/cpdiag.elg
CPDiag update:
Verifying CK
CK is 00-1C-7F-...
Version is cip
bUseProxy is 0
Found update, name is cpdiag_991100024.tar.gz, revision is 991100024
CPDiag running build: 991100019
CPDiag download center build: 991100024
Started downloading updated package
Download completed
Update returned: 1
Launching new version
Log path: /opt/fw1/log/cpdiag.elg

The mentioned log file contains error messages, in my case it is a licensing warning of cosmetic nature..

But also a new daemon can be found in top:

5247     1 root   S    1084   6720   1%   0% /usr/sbin/crond

That is brand new - and we can see what it does call in file /pfrm2.0/etc/crontabs/root:

22 1 * * * /storage/cpdiag/bin/cpdiag --periodic

So we now have some new possibilities, as cron jobs need only new line(s) in /pfrm2.0/etc/crontabs/root !

Tags (2)
10 Replies

Re: R77.20.80, cpdiag and crond

I have the 730 appliance with wifi at home and want to turn off the radio at night and turn it on back in the morning so i have created two very simple bash scripts...one that turns off the wifi and other that turns it off. The scripts works when trigered manually. The issue is with schedulling with the crond. The firmware on my appliance is the latest R77.20.80 (990172392) and i have crond running. In the logs i can see that crond tried to run the script at the correct time but there is some kind of error that i dont understand.

 

2018 Oct 6 21:05:01 FW cron.notice crond[5853]: USER root pid 24301 cmd /SCRIPTS/iskljuci_wifi.sh  
2018 Oct 6 21:05:02 FW user.err root: [System error] CODE_SYS_ERROR (000.000.000) - Unexpected error: attempt to index upvalue '' (a nil value) (Log reference: 153885

The scripts to turn of the wifi:

#!/bin/bash -f
clish -c "set wlan radio off"

Can somebody explain me the error i can see in the log?

Thanks,

0 Kudos

Re: R77.20.80, cpdiag and crond

Could you please share the line added to cron?

0 Kudos

Re: R77.20.80, cpdiag and crond

30 17 * * * /SCRIPTS/iskljuci_wifi.sh
00 07 * * * /SCRIPTS/ukljuci_wifi.sh
50 2 * * * /storage/cpdiag/bin/cpdiag --periodic

Regards,

0 Kudos

Re: R77.20.80, cpdiag and crond

Did you already try something like

* * * * * echo "testing123testing" | logger

in /var/spool/cron/crontabs/root - a egrep 'testing' /var/log/messages should show the success of the command. Running the script from CLI does work as expected?

0 Kudos

Re: R77.20.80, cpdiag and crond

The script works when run from cli manually so the syntax is correct. I will try what you have suggested ,see the result and will let you know.

Regards,

0 Kudos

Re: R77.20.80, cpdiag and crond

Am i right to assume that /SCRIPTS/iskljuci_wifi.sh  contains the complete path ? Maybe some environment variables are not present when triggered by cron - can you make a cron job that writes the env output to a file ? Then, compare it to the env output from bash CLI. I have had a similar issue before as you can see here: Activate bashUser via script on a Embedded Gaia device?

0 Kudos

Re: R77.20.80, cpdiag and crond

The scripts iskjuci_wifi.sh has the full path /SCRIPTS/iskljuci_wifi.sh. I have also put in the script a line that writes a text to a file and the result when crond run the scrips it is the same with the error:

2018 Oct 16 19:47:02 FW user.err root: [System error] CODE_SYS_ERROR (000.000.000) - Unexpected error: attempt to index upvalue '' (a nil value) (Log reference: 1539712022)

The only difference is that this time the script writes the text in the file...so the crond is executing the scripts and the script writes the text as expected but can't turn off the wlan.

0 Kudos

Re: R77.20.80, cpdiag and crond

This needs TAC involvement, i would suppose.

0 Kudos

Re: R77.20.80, cpdiag and crond

Hi,

To confirm, cron and cpdiag is only included in the 1400 series of devices, correct? I have just tried to access this on an 1180 appliance runnin R77.20.80 and it does not appear to work there..

eg

[Expert@1180_FWL1]# fw ver
This is Check Point's 1100 Appliance R77.20.80 - Build 455
[Expert@1180_FWL1]# cpdiag
-bash: cpdiag: command not found
[Expert@1180_LFWL1]# ls /pfrm2.0/etc/crontabs
ls: /pfrm2.0/etc/crontabs: No such file or directory
-bash: cron: command not found
[Expert@1180_FWL1]#

 

where as on a 1450 appliance I get:

[Expert@1450_FWL1]# fw ver
This is Check Point's 1450 Appliance R77.20.75 - Build 239
[Expert@1450_FWL1]# cpdiag
Log path: /opt/fw1/log/cpdiag.elg
CPDiag update:
Verifying CK
CK is 00-1C-7F-XX-XX-XX
Version is anp
bUseProxy is 1
Proxy is http://10.XX.XX.XX:8181
Found update, name is cpdiag_991100024.tar.gz, revision is 991100024
CPDiag running build: 991100014
CPDiag download center build: 991100024
Started downloading updated package
Download completed
Update returned: 1
Launching new version
Log path: /opt/fw1/log/cpdiag.elg
[Expert@1450_FWL1]# ls /pfrm2.0/etc/crontabs/
root
[Expert@1450_FWL1]#

0 Kudos

Re: R77.20.80, cpdiag and crond

Just to mention that cron daemon is for internal use only (no support from TAC for it). Whatever you add there will be reset one the next firmware upgrade so keep a copy of it somewhere.

0 Kudos