Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

ccc - Common Check Point Commands

Danny
Champion Champion
Champion

🏆 Code Hub Contribution of the Year 2018!
🎓 Featured in official Maestro courseware!
👍 Endorsed by Check Point Support!
📕 Books: Max Power, FW Admin
▶️ YouTube: Intro

ccc script to run CLI tasks & show system info.

Installation


    curl_cli $(if [[ `grep proxy:ip /config/active` ]];then echo -n '--proxy ';grep proxy:ip /config/active|cut -f2 -d' '|tr -d '\n';echo -n :;grep proxy:port /config/active|cut -f2 -d' ';fi) -k https://dannyjung.de/ccc|zc
...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




(2)
244 Replies

Joshua_Hatter
Employee
Employee
0 Kudos

HeikoAnkenbrand
Champion Champion
Champion

Hi, Denny,

can you insert the version number into the ccc.zip. So, we can see the current version.

Thanks in advance.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


Danny
Champion Champion
Champion

Done.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


6dd15084-b97a-4
Contributor
I have some question
1. is this CP authorized script (if I run this on CP mgmt. & G/G)
2. step by step process to run this command
;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

_Val_
Admin
Admin

@6dd15084-b97a-4 No, this is a community development  @Danny is the author. 

Concerning the second question, you will understand the use once you open it the very first time.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

DR_74
Contributor

Hello,

Great job!

If I can make some suggestions for improvement:

- adding the Jumbo HF installed on top the menu (with alreday gathered information)

- AV / URL filtering / Abot version if possible

Regards

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

PVADS
Participant

Really really good tool

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Pascal_Mbg
Explorer

Realy great job Danny!

Merci

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

HeikoAnkenbrand
Champion Champion
Champion

thx

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Maarten_Sjouw
Champion
Champion

Found 1 more very useful thing I use.

Ping Sweep:
for i in {97..110}; do ping -c 1 -W 1 10.10.10.$i | grep 'from'; done

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


Paul_Gademsky
Employee Employee
Employee

Wonderful tool, I'll go through my buttons in CRT and see if there are any additions to make.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

G_W_Albrecht
Legend Legend
Legend

Very fine indeed! A cosmetical issue: My single GW R80.10 shows "No product has flag" when cpstat is issued, same on CLI - the equivalent R77.30 does not (cpstat -f all ha on R77.30 CLI gives "-" for all table values):


[Expert@GW_80.10:0]# ccc
 No product has flag 'ha'
 No product has flag 'ha'
 No product has flag 'ha'
--------------------------------------------------v1.4--
  ccc > GW_80.10
--------------------------------------------------------
  System: Firewall Gateway
  Appliance / Serve

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

G_W_Albrecht
Legend Legend
Legend

I freely admit that it does really not make much sense, but i have tested it - again - on a SMB 730, just for fun :

[Expert@seven-eleven]# ccc
/usr/bin/ccc: line 13: /etc/profile.d/CP.sh: No such file or directory
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/us

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

G_W_Albrecht
Legend Legend
Legend

The StandAlone 700 ccc shows the external Log server IP as Management IP - but a managed 1200R ccc also shows the SMS name:

[Expert@zwelfhundertr]# ccc
/usr/bin/ccc: line 13: /etc/profile.d/CP.sh: No such file or directory
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Dr__Chris_Murph
Participant

I am like this script for troubleshooting.

nice

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Shehan_Wickrama
Collaborator

Hey thank you for the script.

You can add lvm_manager to the list as well for disk partitioning stuff.

Thanks

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

Check implemented in version 1.5. Embedded Gaia is not supported.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


Danny
Champion Champion
Champion

Check implemented in version 1.5. Embedded Gaia is not supported.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


Danny
Champion Champion
Champion

Implemented in version 1.5

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


G_W_Albrecht
Legend Legend
Legend

Yes i do know that Embedde GAiA is not supported - i have explained that it does really not make much sense to run it there... I just wanted to check some of the used commands that do make sense in that environment .

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

Solved in version 1.6

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


AlekseiShelepov
Advisor

Danny I see some strange behavior when trying v1.6.

If I understood the environment expressions correctly, it should just check if CP.sh file is present on the device. But even with CP.sh present, it shows "Unsupported Environment" on MDS.

On MDS R77.30 + JHA_266:

[Expert@MDS:0]# ls -l /usr/bin/ccc
-rwxr-x--- 1 admin root 26609 Apr 11 08:22 /usr/bin/ccc
[Expert@MDS:0]# ls -l /etc/profile.d/CP.sh
-rwxr-xr-x 1 admin root 90 Dec 1 2014 /etc/profile.d/CP.sh

[Expert@MDS:0]#cat /etc/pro

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

G_W_Albrecht
Legend Legend
Legend

On R77.30 1.6 is working real fine Smiley Happy - but my R80.10 SMS gives:


[Expert@SMS8010:0]# ccc
Unsupported Environment
[Expert@SMS8010:0]# cat /etc/profile.d/CP.sh
if [ -r /opt/CPshrd-R80/tmp/.CPprofile.sh ]; then
        . /opt/CPshrd-R80/tmp/.CPprofile.sh
fi
;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

Fixed in version 1.7

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


Danny
Champion Champion
Champion

Fixed in version 1.7

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


G_W_Albrecht
Legend Legend
Legend

This script has really evolved very much during the last weeks Smiley Happy ! My SMS now again likes it, but last line seems not alright:

ccc > SMS8010
--------------------------------------------------------
  System: SmartEvent Server
  Appliance / Server: VMware Virtual Platform
  Version: Check Point Gaia R80.10
  Uptime: 28 days
  Gateway managed by: localhost (IP: )

This is a SMS with enabled SmartEvent only.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Danny
Champion Champion
Champion

I'm aware of this. I'll develop a better checking routine to clearly identify which type of system the script is actually running on. Neither Check Point's Healthcheck script nor CPview utility do it any better at the moment.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


G_W_Albrecht
Legend Legend
Legend

Yes, i know 😞 Looks like only many greps on $CPDIR/registry/HKLM_registry.data will provide all information.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

G_W_Albrecht
Legend Legend
Legend

Another nice but barely documented command also could help here:

cpprod_util FwIsFirewallModule
cpprod_util FwIsActiveManagement

Only that the following does not work as i did expect it to:

cpprod_util FwIsReportingServerMgmt
cpprod_util FwIsLogConsolidatorMgmt
cpprod_util FwIsLogServer

as it all gives 0 on my SMS. I wonder if we could somehow learn about the string arguments for

cpprod_util CPPROD_CheckProduct ....
;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

G_W_Albrecht
Legend Legend
Legend

I found another way:

[Expert@SMS8010:0]# cpprod_util CPPROD_GetKeyValues Products 0
IDA
KAV
CPFC
FW1
SecurePlatform
CPinfo
DIAG
SmartPortal
Reporting Module
CPuepm
VSEC
SmartLog
MGMTAPI
R7520CMP
R7540CMP
R7540VSCMP
R76CMP
SFWR77CMP
R77CMP
R75CMP
NGXCMP
EdgeCmp
SFWCMP
FLICMP
SFWR75CMP
CPUpdates

[Expert@GW_80.10:0]# cpprod_util CPPROD_GetKeyValues Products 0
IDA
CPFC
FW1
SecurePlatform
CPinfo
DIAG
PPACK
CVPN
CPUpdates
;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos