Gaia fw interfaces detailed info

the_rock

This script provides detailed info on the currently configured interfaces.

Lab example:

[Expert@CP-GW:0]# ./cp_topology_report.sh
Writing report to: cp_topology_report_CP-GW_20260120-131201.txt
./cp_topology_report.sh: line 88: $2: unbound variable
[Expert@CP-GW:0]# more cp_topology_report_CP-GW_20260120-131201.txt
Check Point Topology Report - 20260120-131201

====================================================================
== System / Version
====================================================================

Hostname: CP-GW
Date: Tue Jan 20 13:12:01 EST 2026

Product version Check Point Gaia R82
OS build 777
OS kernel version 4.18.0-372.9.1cpx86_64
OS edition 64-bit

====================================================================
== Interfaces (Gaia clish - detailed)
====================================================================

Interface eth0
state on
mac-addr 50:01:00:06:00:00
type ethernet
link-state link up
mtu 1500
auto-negotiation off
speed 1000M
ipv6-autoconfig Not configured
monitor-mode off
duplex full
link-speed 1000M/full
comments external
ipv4-address 172.16.10.249/24
ipv6-address Not Configured
ipv6-local-link-address Not Configured

Statistics:
TX bytes:28944025384 packets:316269899 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:74584671836 packets:330102816 errors:0 dropped:461 overruns:0 frame:0

SD-WAN: Not Configured

Interface eth1
state on
mac-addr 50:01:00:06:00:01
type ethernet
link-state link up
mtu 1500
auto-negotiation off
speed 1000M
ipv6-autoconfig Not configured
monitor-mode off
duplex full
link-speed 1000M/full
comments internal
ipv4-address 2.3.4.5/29
ipv6-address Not Configured
ipv6-local-link-address Not Configured

Statistics:
TX bytes:0 packets:0 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:2837725500 packets:9214763 errors:0 dropped:461 overruns:0 frame:0

SD-WAN: Not Configured

Interface eth2
state on
mac-addr 50:01:00:06:00:02
type ethernet
link-state link up
mtu 1500
auto-negotiation off
speed 1000M
ipv6-autoconfig Not configured
monitor-mode off
duplex full
link-speed 1000M/full
comments dmz
ipv4-address 172.31.10.249/24
ipv6-address Not Configured
ipv6-local-link-address Not Configured

Statistics:
TX bytes:0 packets:0 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:2837725500 packets:9214763 errors:0 dropped:461 overruns:0 frame:0

SD-WAN: Not Configured

Interface eth2.100
state on
mac-addr 50:01:00:06:00:02
type vlan
link-state not available
mtu 1500
auto-negotiation off (eth2)
speed 1000M (eth2)
ipv6-autoconfig Not configured
monitor-mode Not configured
duplex full (eth2)
link-speed 1000M/full (eth2)
comments
ipv4-address 172.31.11.249/24
ipv6-address Not Configured
ipv6-local-link-address Not Configured

Statistics:
TX bytes:0 packets:0 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:0 packets:0 errors:0 dropped:0 overruns:0 frame:0

SD-WAN: Not Configured

Interface lo
state on
mac-addr Not configured
type loopback
link-state not available
mtu 65536
auto-negotiation off
speed N/A
ipv6-autoconfig Not configured
monitor-mode Not configured
duplex N/A
link-speed Not configured
comments
ipv4-address 127.0.0.1/8
ipv6-address Not Configured
ipv6-local-link-address Not Configured

Statistics:
TX bytes:4100025486 packets:20373445 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:4100025486 packets:20373445 errors:0 dropped:0 overruns:0 frame:0

SD-WAN: Not Configured

====================================================================
== Routing Table (Gaia clish)
====================================================================

Codes: C - Connected, S - Static, R - RIP, B - BGP (D - Default),
O - OSPF IntraArea (IA - InterArea, E - External, N - NSSA),
IS - IS-IS (L1 - Level 1, L2 - Level 2, IA - InterArea, E - External),
A - Aggregate, K - Kernel Remnant, H - Hidden, P - Suppressed,
NP - NAT Pool, U - Unreachable, i - Inactive

S 0.0.0.0/0 via 172.16.10.1, eth0, cost 0, active age 1915613
C 2.3.4.0/29 is directly connected, eth1
internal
C 127.0.0.0/8 is directly connected, lo
C 172.16.10.0/24 is directly connected, eth0
external
C 172.31.10.0/24 is directly connected, eth2
dmz
C 172.31.11.0/24 is directly connected, eth2.100

====================================================================
== ARP Table (Gaia clish - dynamic)
====================================================================

Dynamic Arp Parameters

IP Address Mac Address
172.16.10.177 50:01:00:03:00:00
172.16.10.188 50:00:00:02:00:00
172.16.10.252 50:01:00:0f:00:00
172.16.10.1 48:3a:02:96:47:2d

====================================================================
== Linux IP Address / Routes / Neighbors
====================================================================

### ip addr
1: lo: <LOOPBACK,PROMISC,DYNAMIC,AUTOMEDIA,PORTSEL,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:06:00:00 brd ff:ff:ff:ff:ff:ff
inet 172.16.10.249/24 brd 172.16.10.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:06:00:01 brd ff:ff:ff:ff:ff:ff
inet 2.3.4.5/29 brd 2.3.4.7 scope global eth1
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:06:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.31.10.249/24 brd 172.31.10.255 scope global eth2
valid_lft forever preferred_lft forever
5: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
6: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
7: erspan0@NONE: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
8: eth2.100@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 50:01:00:06:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.31.11.249/24 brd 172.31.11.255 scope global eth2.100
valid_lft forever preferred_lft forever

### ip route
default via 172.16.10.1 dev eth0 proto 7
2.3.4.0/29 dev eth1 proto kernel scope link src 2.3.4.5
172.16.10.0/24 dev eth0 proto kernel scope link src 172.16.10.249
172.31.10.0/24 dev eth2 proto kernel scope link src 172.31.10.249
172.31.11.0/24 dev eth2.100 proto kernel scope link src 172.31.11.249

### ip neigh
172.16.10.1 dev eth0 lladdr 48:3a:02:96:47:2d REACHABLE
172.16.10.252 dev eth0 lladdr 50:01:00:0f:00:00 REACHABLE
172.16.10.177 dev eth0 lladdr 50:01:00:03:00:00 STALE
172.16.10.188 dev eth0 lladdr 50:00:00:02:00:00 STALE

====================================================================
== Cluster State (if ClusterXL)
====================================================================

### cphaprob stat

HA module not started.

This gateway not configured as cluster

### cphaprob -a if

HA module not started.

Warning: Sync will not function since there aren't any sync(secured) interfaces

====================================================================
== VPN Tunnels (if enabled)
====================================================================

[Expert@CP-GW:0]#

Best,
Andy
"Have a great day and if its not, change it"

Bob_Zimmerman · ‎2026-01-20

I see the example output, but not a link to the script. Where is it?

the_rock · ‎2026-01-20

Sorry about that, just uploaded it.

Best,
Andy
"Have a great day and if its not, change it"

Vincent_Bacher · ‎2026-01-21

Strange. Tryed to run this script and got following error

./cp_topology_report.sh
Writing report to: cp_topology_report_***_20260121-104132.txt
./cp_topology_report.sh: line 88: $2: unbound variable

Analysing the script i see following:

IFACES="$(ip -o link show | awk -F': ' '{print $2}' | cut -d'@' -f1 | grep -v '^lo$' || true)"

For my understanding, the single quotes in '{print $2}' break the outer single quotes of the bash -lc '...' block.
In my case this caused $2 to be interpreted as a shell variable (which does not exist) instead of an awk variable.

On my device when replacing this line by

IFACES="$(ip -o link show | awk -F'"'"': '"'"' '"'"'{print $2}'"'"' | cut -d'"'"'@'"'"' -f1 | grep -v '"'"'^lo$'"'"' || true)"

it worked

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

Vincent_Bacher · ‎2026-01-21

I had a long and completely unnecessary meeting where I just had to listen. So I played around with the co-pilot a bit, and he added an output in a spruced-up HTML format to your script for me. 😄

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

the_rock · ‎2026-01-21

Fair enough, thank you!

Best,
Andy
"Have a great day and if its not, change it"

Vincent_Bacher · ‎2026-01-21

Does it work on your end?

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

the_rock · ‎2026-01-21

Yes sir!

Best,
Andy
"Have a great day and if its not, change it"

Filters

Sort By

Categories

Gaia fw interfaces detailed info

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.