Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
sdellsperger
Contributor
Jump to solution

How to add applications with whitespace to an application group?

Hi together,

I'd like to add a application, which includes a whitespace in the name to an application group via clish.

Something like that:

add application-group name "testApplication"
set application-group name "testApplication" add application-name "FTP Protocol"

I already tried to escape the whitespace:

add application-group name "testApplication"

set application-group name "testApplication" add application-name "FTP\ Protocol"

Unfortunately there is alway the same error:

Illegal characters in application-group name

Has someone a solution for this problem?

Thanks.

Best Regards

Severin Dellsperger

1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend

My SQLiteDatabaseBrowserPortable has an export option:

tagsdescriptionnameappIdudpServicestcpServices
Tunnels,Encrypts communications,Critical Risk,AnonymizerProprietary Tunneling Tools is used to detect various tools who employ a communications protocol owned by a single organization or individual where usually one controls both client and server software. Supported from: R75.40.Proprietary Tunneling Tools6051876280
Autostarts/Stays Resident,Stealth Tactics,Web Advertisements,Bundles Software,Medium Risk7FaSSt provides you an IE toolbar with a search field which queries the engine 7search.com. The addresses of all Explorer windows are passed to the server fstrack.7search.com. This includes the URLs of all web pages visited, pseudo-URLs like 'about:', and the names of folders, images and other objects in local file system. A unique user ID is used to track you across addresses visited. Cookies are also issued if you use the search toolbar. Supported from: R75.7FaSSt1000041980,443
Autostarts/Stays Resident,Low Risk,Browser PluginAn Internet Explorer toolbar that provides search features. Supported from: R75.My Search Bar1000049080
Autostarts/Stays Resident,Opens ports,Allows remote control,High Bandwidth,Supports File Transfer,High Risk,Remote AdministrationRadmin is a remote control software for Microsoft Windows which uses the Mirror Driver to remotely control another computer. Supported from: R75.Radmin100005784899
Autostarts/Stays Resident,Low Risk,Browser PluginThis is a search browser plugin. Supported from: R75.My Quick Search Bar1000099280
Adds other software,High Bandwidth,Supports File Transfer,BitTorrent protocol,eDonkey,High Risk,P2P File SharingFlashGet is a download manager that splits downloaded files into sections for an increase in download speed. Supported from: R75.FlashGet1000117680
Adds other software,High Bandwidth,Supports File Transfer,Encrypts communications,Gnutella protocol,Share Files,UDP Protocol,High Risk,P2P File SharingFrom XoloX EULA:  XoloX is partially supported by advertising revenues, however we are making every attempt to limit the amount of advertising delivered to you and to make that advertising as non-intrusive as possible. Supported from: R75.Xolox1000134680
Adds other software,High Bandwidth,Supports File Transfer,Bundles Software,eDonkey,High Risk,P2P File SharingJubster is a Windows-based peer-to-peer client that is used for finding MP3 files. Supported from: R75.Jubster1000134880
Opens ports,High Bandwidth,Supports File Transfer,Encrypts communications,BitTorrent protocol,Share Files,UDP Protocol,High Risk,P2P File SharingWarez.com allows users to search and download torrent files from other torrent websites. Supported from: R75.Warez1000135180,32285,6000,6346-6351
Opens ports,High Bandwidth,Supports File Transfer,Bundles Software,Encrypts communications,BitTorrent protocol,Gnutella protocol,Share Files,UDP Protocol,High Risk,P2P File SharingTrustyfiles allows users to search and download files using the Gnutella and Bittorrent networks. Supported from: R75.TrustyFiles1000135280
Opens ports,Bundles Software,Encrypts communications,Share Files,UDP Protocol,High Risk,P2P File SharingTwister allows the user to search through different search engines in order to download mp3 files. Supported from: R75.Twister1000135380
Adds other software,High Bandwidth,Supports File Transfer,Encrypts communications,Gnutella protocol,Share Files,UDP Protocol,High Risk,P2P File SharingBearshare is a peer-to-peer file sharing application. It uses IM2Net P2P network Protocol. Supported from: R75.BearShare1000135780-80,443-443

I have added the appCategory DB now to the xlsx.

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

17 Replies
HristoGrigorov

99.9999% sure that only these are allowed for object names: 0-9A-Za-z-_ 

Whitespaces are not supported in R77.

0 Kudos
sdellsperger
Contributor

I agree, anyway Checkpoint is using whitespace in their default applications. My goal is to automatically add this system applications via script.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

You find that in sk40179: What are the characters and reserved words forbidden for use in Check Point Security Gatewa...

Illegal characters

  •   (space)
  • + (plus sign)
  • * (asterisk)
  • ( (left parenthesis)
  • ) (right parenthesis)
  • { (left curly brace)
  • } (right curly brace)
  • [ (left square bracket)
  • ] (right square bracket)   
  • ? (question mark)
  • ! (exclamation mark)
  • # (number/pound sign)   
  • < (less-than sign)
  • > (greater-than sign)
  • = (equals sign)
  • , (comma)
  • : (colon)
  • ; (semi-colon)
  • ' (single quote)
  • " (double quote)
  • ` (back quote)
  • / (slash)
  • \ (backslash)
  • \t (horizontal tabulation)
  • @ (at sign)
  • $ (dollar sign)
  • % (percent sign)
  • ^ (caret)
  • | (vertical bar, pipeline)
  • & (ampersand)
  • ~ (tilde)

That should be true for all CP versions and platforms.

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
HristoGrigorov

Btw, these restrictions apply to the gateway. Starting from R80.10 in Smart Console it is possible to use just any characters. The management server will internally convert it to a format acceptable by the gateway.

0 Kudos
sdellsperger
Contributor

Yes i know the limitations, but I try to add checkpoint (default) system applications, which include whitespace in their name. What can I do when checkpoint don't follow their own rules...

Is there maybe another solution?

0 Kudos
Tom_Hinoue
Advisor
Advisor

I believe currently we can only add applications with space in clish by specifying the application-id, and not the application name because of this limitation... this workaround is also cited in SK109272.

sdellsperger
Contributor

OK, thanks for the information.

Do you know if the application ID remains the same on all firewalls?

0 Kudos
Tom_Hinoue
Advisor
Advisor

Yes, the application database should share the same application ID regarding predefined Check Point application and application categories on maintrain and SMB appliances.

sdellsperger
Contributor

OK, thank you for your help!

0 Kudos
sdellsperger
Contributor

So I tried to script my application-groups with the corresponding IDs.

Than the next problem occurs:

- Categories/Tags like "High Risk", "Critical Risk", "Hate / Racism", etc. don't get a application ID.

Has someone an idea how to add this tags to an application group?

Thanks.

0 Kudos
Tom_Hinoue
Advisor
Advisor

FYI, here are some application IDs for some categories you mentioned in this thread.

High Risk - 51000004

Critical Risk - 51000005

Hate / Racism - 14
FTP Protocol - 50000190

To check this, what I do often is to copy the "appi.db" application database file from  [/storage/appi/update/] directory via SCP to my desktop, and then open the "appi.db" file with database browsers like "DB browser for SQLite" to see the ID's of an specific application or category. Very handy in my opinion Smiley Happy

sdellsperger
Contributor

Made my day! Thanks a lot, I will try it asap Smiley Happy

G_W_Albrecht
Legend Legend
Legend

I did suspect strongly that these IDs are in a database - in fact, i have studied ips.db already using SQLiteDatabaseBrowserPortable.exe and it is very, very interesting...

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Tom_Hinoue
Advisor
Advisor

Interesting indeed  

It works the same for other db files, like [system.db] where we find it in the appliance or archived backups.

I wonder if we can use the sqlite3 syntax for searching these ID's in expert mode like sk112338 - How to export application database to csv 

G_W_Albrecht
Legend Legend
Legend

My SQLiteDatabaseBrowserPortable has an export option:

tagsdescriptionnameappIdudpServicestcpServices
Tunnels,Encrypts communications,Critical Risk,AnonymizerProprietary Tunneling Tools is used to detect various tools who employ a communications protocol owned by a single organization or individual where usually one controls both client and server software. Supported from: R75.40.Proprietary Tunneling Tools6051876280
Autostarts/Stays Resident,Stealth Tactics,Web Advertisements,Bundles Software,Medium Risk7FaSSt provides you an IE toolbar with a search field which queries the engine 7search.com. The addresses of all Explorer windows are passed to the server fstrack.7search.com. This includes the URLs of all web pages visited, pseudo-URLs like 'about:', and the names of folders, images and other objects in local file system. A unique user ID is used to track you across addresses visited. Cookies are also issued if you use the search toolbar. Supported from: R75.7FaSSt1000041980,443
Autostarts/Stays Resident,Low Risk,Browser PluginAn Internet Explorer toolbar that provides search features. Supported from: R75.My Search Bar1000049080
Autostarts/Stays Resident,Opens ports,Allows remote control,High Bandwidth,Supports File Transfer,High Risk,Remote AdministrationRadmin is a remote control software for Microsoft Windows which uses the Mirror Driver to remotely control another computer. Supported from: R75.Radmin100005784899
Autostarts/Stays Resident,Low Risk,Browser PluginThis is a search browser plugin. Supported from: R75.My Quick Search Bar1000099280
Adds other software,High Bandwidth,Supports File Transfer,BitTorrent protocol,eDonkey,High Risk,P2P File SharingFlashGet is a download manager that splits downloaded files into sections for an increase in download speed. Supported from: R75.FlashGet1000117680
Adds other software,High Bandwidth,Supports File Transfer,Encrypts communications,Gnutella protocol,Share Files,UDP Protocol,High Risk,P2P File SharingFrom XoloX EULA:  XoloX is partially supported by advertising revenues, however we are making every attempt to limit the amount of advertising delivered to you and to make that advertising as non-intrusive as possible. Supported from: R75.Xolox1000134680
Adds other software,High Bandwidth,Supports File Transfer,Bundles Software,eDonkey,High Risk,P2P File SharingJubster is a Windows-based peer-to-peer client that is used for finding MP3 files. Supported from: R75.Jubster1000134880
Opens ports,High Bandwidth,Supports File Transfer,Encrypts communications,BitTorrent protocol,Share Files,UDP Protocol,High Risk,P2P File SharingWarez.com allows users to search and download torrent files from other torrent websites. Supported from: R75.Warez1000135180,32285,6000,6346-6351
Opens ports,High Bandwidth,Supports File Transfer,Bundles Software,Encrypts communications,BitTorrent protocol,Gnutella protocol,Share Files,UDP Protocol,High Risk,P2P File SharingTrustyfiles allows users to search and download files using the Gnutella and Bittorrent networks. Supported from: R75.TrustyFiles1000135280
Opens ports,Bundles Software,Encrypts communications,Share Files,UDP Protocol,High Risk,P2P File SharingTwister allows the user to search through different search engines in order to download mp3 files. Supported from: R75.Twister1000135380
Adds other software,High Bandwidth,Supports File Transfer,Encrypts communications,Gnutella protocol,Share Files,UDP Protocol,High Risk,P2P File SharingBearshare is a peer-to-peer file sharing application. It uses IM2Net P2P network Protocol. Supported from: R75.BearShare1000135780-80,443-443

I have added the appCategory DB now to the xlsx.

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Tom_Hinoue
Advisor
Advisor

Oh, great! thanks for sharing the list (even with IPS) Smiley Happy 
You're right, maybe its faster to export from the db browser than doing tricks with the sqlite on the appliance, pushed myself the hardway.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

If you are fluent with SQL, CLI might be easier, but the browser does a good job after you have found out how / with which options to export...

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events