I looked into this when researching the second edition of my book, and there is simply no way to disable APCL/URLF "on the fly" for a security gateway without unchecking those features on the firewall object and reinstalling policy.  As to why, my guess is that APCL/URLF policy enforcement is a bit too tightly intertwined with Stateful Inspection and the other key firewall operations.  IPS/TP is more separated though, and can be disabled on the fly with the ips off and fw amw unload commands as detailed in my CPX360 presentation here:

Best of CheckMates CLI 

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

Hi and thank you for all the effort  Nicely done! 

I've found a syntax error in FIREWALL TROUBLESHOOTING -> CheckPoint Appliance -> show sysenv all 

Command is:  clish -c "show sysenv all | more" and ends with error: Invalid command:'show sysenv all | more'.

I think command should be: clish -c "show sysenv all" | more

Best regards  

Fixed in version 3.5

Hi Danny

There is a non ASCII Character in the ccc Skript. line 58:

TIME=`cpstat fw | grep "Install time" | awk '{print $4" "$5" "$7" ´"$6}' | cut -d':' -f1,2`; echo -n .

Between the $7 and the $6. Can you please remove it?

Thanks and best regards
Martin

Fixed in version 3.6

How about adding (as per sk62873)

cpca_client lscert -kind SIC

... to view all SIC certificates?

Maybe even limited to list those with expiration e.g. +/- 90 days.

What about to check if LOM is available and in case yes, what is the version ? Compare the installed version with the latest LOM firmware map and inform user that it would be good idea to upgrade LOM. This check would be better available within Healthcheck script.

What a great job.

Thanks a lot!

Great!

Thanks

That's already integrated, see: cpca_client lscert | grep -A 2 cp_mgmt

Thanks; I'll check it out 🙂

Thank you Danny for such a great work.

is it possible to have a Custom commands section where users can easily add most used commands so they can easily access those commands which are used almost everyday in that particular environment.

I know I might be asking too much but it would be great if people can add their custom commands in one section, by following simple instructions editing the script.

That's a great idea. The most practical way to organize and run custom commands would probably be the first version of this script.

Just compare version 1 vs. version 2 to see the first version with the basic commands include. It allows for easy modification and customization

Thanks Danny for your prompt response. the above hyperlink did not work as It says I am not authorised. any other place I can get hold of older version please?

#!/bin/bash

echo "## Custom Check Point commands ##"
echo "1: cat /etc/cp-release - Show Check Point version"
echo "2: cplic print -x - Show installed CP licenses"
echo "3: df -h - Show available disk space"
echo ""
echo -en "Select a command: "

read i; case $i in
  1) cat /etc/cp-release ;;
  2) cplic print -x ;;
  3) df -h ;;
  *) exit 0
esac
exit 0‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Thanks a lot

Hi Danny,

is version 3.9 live now?

I still see  v3.8 in the script on below URL

http://dannyjung.de/ccc_v3.9.gz

Thanks, I just fixed it.

Ok Thanks for that. So the script will ask the user if he wants to update?

also what other user control options have been added please?

Does this need to be installed on all CP nodes, or can it exist on the management server, and use to connect to the managed nodes?

Currently it's intended to install the script on each CP system.

I just have found out that using GAiA WebGUI Terminal window or Dashboard > Actions > Open Shell..., ccc navigation will not work - cursor moves one line down, then no more.

RFE: in FW Management + GW, we can find

# cpvinfo /opt/CPda/bin/DAService | grep Build

Build Number = 1671

But why not use the full command from sk92449 instead ?

# cpvinfo $DADIR/bin/DAService | grep -E "Build|Minor"

Build Number = 1671
Minor Release = megatron_ms1

Very nice nu version !  But:

System Firewall Management (with Smart Event)
Type VMware Virtual Platform
Status during initialization
OS Gaia R80.20 JHF (Take 73) @ 64-bit
CPU 2 Cores | Load 8.45%
RAM 18 GB (Free: 11 GB) | Swapping 0 GB
Core dumps - | Crash dumps: -
Disk use / 19390744% | /var/log/ 6555932%

# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_splat-lv_current 38G 18G 19G 48% /
/dev/sda1 289M 24M 251M 9% /boot
tmpfs 8.8G 4.0K 8.8G 1% /dev/shm
/dev/mapper/vg_splat-lv_log 25G 17G 6.3G 73% /var/log