- CheckMates
- :
- Products
- :
- Quantum
- :
- SMB Gateways (Spark)
- :
- Output of cprid truncated after receiving 60001 by...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Output of cprid truncated after receiving 60001 bytes
I use cprid to automate tasks with a bunch of different SMB appliances. This works fine when executing commands with less output (e.g. "show snmp traps receivers")
But when executing commands with larger output (e.g. "show configuration") the output is silently truncated after exactly 60001 bytes. This seems to be the case only with SMB appliances and is consistent and reproducible across different types of appliances and firmware levels:
This is Check Point's 1450 Appliance R77.20.87 - Build 120
This is Check Point's 1550 Appliance R80.20.50 - Build 773
This is Check Point's 1590 Appliance R80.20.50 - Build 773
This is Check Point's 1800 Appliance R80.20.40 - Build 665
Unfortunately there is no error message or other indicator that the output is incomplete. Full Gaia seems to be not affected.
cprid_util is invoked on SmartCenter Management Server (R81.10 - Build 029) like this:
cprid_util -server $gw -verbose rexec -rcmd clish -c "show configuration" > $gw.txt
Any advice?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The output of "show configuration" could be saved to a file and transfered using cprid as found in sk101047.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is very likely expected behavior, given we do not allow you to run "one-time scripts" on SMB appliances in SmartConsole.
Recommend opening a TAC case to confirm.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would at least expect an error message or a return code other than 0 in case a command could not completed.
But this raises more questions:
1.) Are there technical reasons that it is "not allowed" (or to quote SmartConsole "not supported") to run scripts on SMB appliances? There are even official sk's where cprid_util is listed as official solution for certain tasks on SMB appliances!
2.) What is the "official" supported way to automate tasks on SMB appliances?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The technical reason for the limit on the amount of data returned by cprid is quite likely the limited resources (RAM) the SMB devices have versus our regular, non-SMB gateways.
That, I suspect, is the reason we don't allow this from SmartConsole.
That and the scripts you write for SMB devices would be different.
In any case, you should be able to use cprid with SMB devices, particularly since we document its usage in various SKs.
You'll just have to be mindful of the limit in terms of the amount of data returned by said commands.
The fact this isn't officially documented is an issue, and thus it's worth a TAC case to confirm the above and get it documented in an SK.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I asked the SMB R&D folks out-of-band about this issue with cprid and it turns out...it's not a limitation they're aware of.
Which means it's likely a bug and will require a TAC case to investigate and fix.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The output of "show configuration" could be saved to a file and transfered using cprid as found in sk101047.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
**bleep**! Wish I had read this before I went to the trouble or writing a script to backup / verify that no shifts in CLISH config were occurring without oversight on these devices. I have a very lovely bunch of 60001 byte files ... 😞
