ccc - Common Check Point Commands - Page 8

Danny

🏆 Code Hub Contribution of the Year 2018!
🎓 Featured in official Maestro courseware!
👍 Endorsed by Check Point Support!
📕 Books: Max Power, FW Admin
▶️ YouTube: Intro

ccc script to run CLI tasks & show system info.

Installation

curl_cli $(if [[ `grep proxy:ip /config/active` ]];then echo -n '--proxy ';grep proxy:ip /config/active|cut -f2 -d' '|tr -d '\n';echo -n :;grep proxy:port /config/active|cut -f2 -d' ';fi) --cacert $CPDIR/conf/ca-bundle.crt https://dannyjung.de/ccc|zcat > /usr/bin/ccc && chmod +x /usr/bin/ccc;. ~/.bashrc

TheGrave · ‎2020-05-28

Am I the only one unable to read the changelog beyond version 1.5 on the website? No scroller, no nothing...Tried 3 different browsers.

Danny · ‎2020-07-12

Fixed in version 4.8

Matthew_H_00 · ‎2020-07-16

Great Job. Thanks for all your effort

Danny · ‎2020-07-20

I'm glad you like it. 👍

MarkWeber · ‎2020-07-17

Very usefull scripts, I also have mentioned it in our local Check Point NL newsletter.

A lot of our Check Point partners also like it!!

Malka_Rudy · ‎2020-07-21

Great Job!!!

Very useful, Thanks for sharing.

Rudy.

Faizal_MS · ‎2020-07-25

great script sir

G_W_Albrecht · ‎2020-07-29

RFE

Management Name : When .C not consistent with /etc/hosts, Warning with reference to sk42071 appears. This should better refer to sk112914: Cannot change R80 Security Management Server name from SmartConsole

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

CPIshai · ‎2020-08-03

Great Work Danny!

John_Fleming · ‎2020-08-13

funny... I remember a time when people would FREAK at the idea of 3rd party apps on Checkpoint. How times have changed. 😄

Danny · ‎2020-08-13

Some of these people are still around. Hello @Jake_Loots 🤣. But this is not just any 3rd party app, it's a simple Bash script everyone is invited to review, provide comments and improvements. It's used by many Check Point SEs, Check Point RnD and Diamond support folks and of course many end users. They love it. In fact Check Point even uses parts of this script in their own tools. Just review the credits in Check Points Gaia Health Check script. 😁 Yes, times have changed.

Jake_Loots · ‎2020-08-14

🤣

I didn't say that I would NOT run scripts like this...

... just that I would not run scripts like this ... without reading and understand the script first. That's just because I like to know what something does.

And as far as how times have changed, back in the old IPSO days, we had the third party add-ons like BASH and others. Of course that was the pre-Check Point Nokia days...

Ruan_Kotze · ‎2021-02-18

I've noticed a small bug, in the Performance Assessment section one cannot select #7, it wraps back around to the top after scrolling down to #6.

Thanks again for a fantastic tool!

Danny · ‎2022-01-01

Fixed in ccc v4.9

GHaider · ‎2021-11-19

running on Check Point Gaia R81.10

[Expert@fwnode2:0]# ccc
Unsupported OS

any update needed or should i just update the os support check?

Wolfgang · ‎2021-11-29

Got the same here. Maybee @Danny you get some time to find and fix the problem with this on R81.10.

[Expert@fwmgmt:0]# ccc
Usage:
cccd debug ... # print debug msgs to VPN log files

[Expert@fwmgmt:0]# /usr/bin/ccc
Unsupported OS

appendix...

The line with "cat /etc/cp-release...." has to be extend with R81.10 release information (now it's working fine)

Paul_Gademsky · ‎2021-12-08

Looked at the script (cat /usr/bin/ccc | grep "Unsupported OS") and there is no definition for R81.10.

OS=`cat /etc/cp-release | cut -c 13- | sed 's/^ *//g' | sed 's/\s*$//g'`; case `echo ${OS#*R*}` in 77.30|80.10|80.20|80.20SP|80.30|80.30SP|80.40|81|81.00) ;; *) echo "Unsupported OS"; exit 1; esac

I added it to the string

OS=`cat /etc/cp-release | cut -c 13- | sed 's/^ *//g' | sed 's/\s*$//g'`; case `echo ${OS#*R*}` in 77.30|80.10|80.20|80.20SP|80.30|80.30SP|80.40|81|81.00|81.10) ;; *) echo "Unsupported OS"; exit 1; esac

and now it seems to run. Haven't tested all the commands yet.

I'd wait for Danny to come back on this before distributing it to customers.

Danny · ‎2022-01-01

R81.10+ supported since ccc v4.9

genisis__ · ‎2022-01-01

Hi Danny,

Can you please update the download link to the newly released version, currently link points to: https://dannyjung.de/ccc_v4.8.gz

Danny · ‎2022-01-01

Thanks, I updated the download link. I never use it myself as I'm just copying & pasting the install script that automatically fetches and installs ccc.

KCFM · ‎2022-01-18

👍

Oliver_Fink · ‎2022-05-31

Do we have a naming conflict?

[Expert@xx-cp-vsx-gw02:0]# which ccc
/opt/CPsuite-R81.10/fw1/bin/ccc
[Expert@ms-cp-vsx-gw02:0]# file /opt/CPsuite-R81.10/fw1/bin/ccc
/opt/CPsuite-R81.10/fw1/bin/ccc: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped

Danny · ‎2022-05-31

That's just a symlink pointing to cccd, so no worries.

Oliver_Fink · ‎2022-06-01

I do not worry. But I have ccc in my private ${HOME}/bin. That is in ${PATH} after ${FWDIR}/bin. Maybe I am not the only one. That's all. 😉

Generally it is not a good idea to have commands with the same name and let ${PATH} decide, which one to run.

Danny · ‎2022-06-01

That's true. I was surprised that CP named a symlink ccc starting from R81.

However, I'm glad you like my tools and scripts.

Supporto_Checkp · ‎2022-06-09

hi Danny, thx for this amazing job!

i've found an error executing fw monitor from CCC 4.9

/usr/bin/ccc: eval: line 656: syntax error: unexpected end of file

using "super fw monitor" script only directly from that script it works fine.

Vladimir · ‎2022-06-09

Hi Danny,

The "Show assigned OfficeMode IPs seems to have an issue:

[Executing:]# fw tab -t om_assigned_ips -f -u | grep UserName | awk '{print $15 $17}' | tr ';' ' ' | more
Using cptfmt
Formatting table's data - this might take a while...

Error: Failed to read field product
Error: Failed to read field product
UserName:Netmask:

Done.

FYI: perhaps it is related to me using external DHCP server for OfficeMode IPs.

The List Remote Access VPN Users returning correct values.

Thanks!

Danny · ‎2023-01-04

That's obviously related to your external DHCP.

Vladimir · ‎2023-01-04

Perhaps it could be modified in such a way to pull the IPs from "List Remote Access VPN Users", if external DHCP is in use?

Ruan_Kotze · ‎2022-06-09

Great work as usual Danny, I wonder how many hours you've saved me over the years 😁 P.S. Looking forward to ccc v5!

Filters

Sort By

Categories