Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

FW Monitor SuperTool

Danny
Champion Champion
Champion

📕 Referenced in the book: Max Power 2020
▶️ Featured in How to use fw monitor

One-liner (Bash) to assist running fw monitor on Check Point firewall gateways.
In expert mode run:


    if [[ `$CPDIR/bin/cpprod_util FwIsFirewallModule 2>/dev/null` != *'1'* ]]; then echo; tput bold; echo ' Not a firewall gateway!'; tput sgr0; echo; else echo; printf '%.s-' {1..60}; echo; echo ' FW Monitor SuperTool'; printf '%.s-' {1..60}; echo; echo; tput bold; echo -n ' Add host IPs ';
...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




(1)
38 Replies

Mike_Jensen
Advisor

Thank you Tim.  I did purchase your Max Capture series last week Friday and started it yesterday.  So far it is great material!  I look forward to the rest, especially the fw monitor section.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


genisis__
Leader Leader
Leader

Awesome Danny!

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Thomas_Dunlap
Participant

This is an awesome tool to make trouble shooting a little easier.  I added the last "fi;" then ran the script and got the following error. I admit I am running this in an old R77.20.87 (990173120) CP-730 device.

bash: tput: command not found
Add host IPs bash: tput: command not found
(leave empty for any): 

I ran the script using the defaults and it did run with the error.  Is this a shell issue?

Otherwise a great tool Thanks for taking the time to put this code together.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

This tool wasn't built for SMB appliances that run on Gaia Embedded OS.
tput and several other commands / parameters used by this one-liner are only available on standard Gaia.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

stephanenzi
Explorer

This is awwwwwweeeeesommmmeeee Danny thank you very much. I am new to checkpoint and this is helping me a whole lot in troubleshooting.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

ADe
Participant

I am sorry, but it is not working on my side , either at R81.10 not R80.20.25 (SMBs) :

------------------------------------------------------------
FW Monitor SuperTool
------------------------------------------------------------

Add host IPs (leave empty for any): 8.8.8.8
8.8.8.8 OK

Add ports (leave empty for any): 53
53 OK

Add protocol (tcp, udp, icmp):
any OK

Capture to file (leave empty for stdout):
Output to CLI

------------------------------------------------------------
Execut

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


Danny
Champion Champion
Champion

It's working as designed and documented. Neither SMB appliances nor the new -F syntax is supported yet.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

dotank2
Participant

hi

 

not work for me (cloudguard GW R81.10 and appliance R81.10).

the output i get is:


Add host IPs (leave empty for any): 172.30.25.27 8.8.8.8
172.30.25.27 OK
8.8.8.8 OK

Add ports (leave empty for any):
any OK

Add protocol (tcp, udp, icmp):
any OK

Capture to file (leave empty for stdout): test.out
Saving output to: test.out

------------------------------------------------------------
Executing ? [Expert@XXXXXXXX]#

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

@dotank2 : Tested on CloudGuard R81.20 and it works as intended:
image.png
-F simple syntax is not supported yet.
Let me know if this is a critical requirement for you.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos