ccc - Common Check Point Commands - Page 3

Danny

🏆 Code Hub Contribution of the Year 2018!
🎓 Featured in official Maestro courseware!
👍 Endorsed by Check Point Support!
📕 Books: Max Power, FW Admin
▶️ YouTube: Intro

ccc script to run CLI tasks & show system info.

Installation

curl_cli $(if [[ `grep proxy:ip /config/active` ]];then echo -n '--proxy ';grep proxy:ip /config/active|cut -f2 -d' '|tr -d '\n';echo -n :;grep proxy:port /config/active|cut -f2 -d' ';fi) --cacert $CPDIR/conf/ca-bundle.crt https://dannyjung.de/ccc|zcat > /usr/bin/ccc && chmod +x /usr/bin/ccc;. ~/.bashrc

Joshua_Hatter · ‎2018-03-20

shell - Arrow key/Enter menu - Unix & Linux Stack Exchange

HeikoAnkenbrand · ‎2018-03-21

Hi, Denny,

can you insert the version number into the ccc.zip. So, we can see the current version.

Thanks in advance.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

Danny · ‎2018-03-22

Done.

6dd15084-b97a-4 · ‎2019-07-19

I have some question
1. is this CP authorized script (if I run this on CP mgmt. & G/G)
2. step by step process to run this command

_Val_ · ‎2019-07-31

@6dd15084-b97a-4 No, this is a community development @Danny is the author.

Concerning the second question, you will understand the use once you open it the very first time.

DR_74 · ‎2018-03-23

Hello,

Great job!

If I can make some suggestions for improvement:

- adding the Jumbo HF installed on top the menu (with alreday gathered information)

- AV / URL filtering / Abot version if possible

Regards

PVADS · ‎2018-03-23

Really really good tool

Pascal_Mbg · ‎2018-03-23

Realy great job Danny!

Merci

HeikoAnkenbrand · ‎2018-03-23

thx

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips

Maarten_Sjouw · ‎2018-03-29

Found 1 more very useful thing I use.

Ping Sweep:
for i in {97..110}; do ping -c 1 -W 1 10.10.10.$i | grep 'from'; done

Regards, Maarten

Paul_Gademsky · ‎2018-03-29

Wonderful tool, I'll go through my buttons in CRT and see if there are any additions to make.

G_W_Albrecht · ‎2018-03-30

Very fine indeed! A cosmetical issue: My single GW R80.10 shows "No product has flag" when cpstat is issued, same on CLI - the equivalent R77.30 does not (cpstat -f all ha on R77.30 CLI gives "-" for all table values):

[Expert@GW_80.10:0]# ccc
No product has flag 'ha'
No product has flag 'ha'
No product has flag 'ha'
--------------------------------------------------v1.4--
ccc > GW_80.10
--------------------------------------------------------
System: Firewall Gateway
Appliance / Server: VMware Virtual Platform
Version: Check Point Gaia R80.10
Uptime: 22 days
Gateway managed by: SMS7520 (IP: 172.2......

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

G_W_Albrecht · ‎2018-03-30

I freely admit that it does really not make much sense, but i have tested it - again - on a SMB 730, just for fun :

[Expert@seven-eleven]# ccc
/usr/bin/ccc: line 13: /etc/profile.d/CP.sh: No such file or directory
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
--------------------------------------------------v1.4--
ccc > seven-eleven
--------------------------------------------------------
System: Firewall Gateway
Appliance / Server: CP 730
Version: Check Point GAiA Embedded R77.20
Uptime: 3 minutes
Gateway managed by: cp_sys_ExternalLogServer_0 (IP: 172.2...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

G_W_Albrecht · ‎2018-03-30

The StandAlone 700 ccc shows the external Log server IP as Management IP - but a managed 1200R ccc also shows the SMS name:

[Expert@zwelfhundertr]# ccc
/usr/bin/ccc: line 13: /etc/profile.d/CP.sh: No such file or directory
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
/usr/bin/ccc: line 31: tput: command not found
--------------------------------------------------v1.4--
ccc > zwelfhundertr
--------------------------------------------------------
System: Firewall Gateway
Appliance / Server: CP 1200R
Version: Check Point GAiA Embedded R77.20
Uptime: 10 days
Gateway managed by: SMS7520 (IP: 172.2...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Dr__Chris_Murph · ‎2018-03-30

I am like this script for troubleshooting.

nice

Shehan_Wickrama · ‎2018-04-04

Hey thank you for the script.

You can add lvm_manager to the list as well for disk partitioning stuff.

Thanks

Danny · ‎2018-04-10

Check implemented in version 1.5. Embedded Gaia is not supported.

Danny · ‎2018-04-10

Check implemented in version 1.5. Embedded Gaia is not supported.

Danny · ‎2018-04-10

Implemented in version 1.5

G_W_Albrecht · ‎2018-04-10

Yes i do know that Embedde GAiA is not supported - i have explained that it does really not make much sense to run it there... I just wanted to check some of the used commands that do make sense in that environment .

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Danny · ‎2018-04-10

Solved in version 1.6

AlekseiShelepov · ‎2018-04-11

Danny I see some strange behavior when trying v1.6.

If I understood the environment expressions correctly, it should just check if CP.sh file is present on the device. But even with CP.sh present, it shows "Unsupported Environment" on MDS.

On MDS R77.30 + JHA_266:

[Expert@MDS:0]# ls -l /usr/bin/ccc
-rwxr-x--- 1 admin root 26609 Apr 11 08:22 /usr/bin/ccc
[Expert@MDS:0]# ls -l /etc/profile.d/CP.sh
-rwxr-xr-x 1 admin root 90 Dec 1 2014 /etc/profile.d/CP.sh

[Expert@MDS:0]#cat /etc/profile.d/CP.sh
if [ -r /opt/CPshrd-R77/tmp/.CPprofile.sh ]; then
. /opt/CPshrd-R77/tmp/.CPprofile.sh
fi

[Expert@MDS:0]# ccc
zcat: stdin: unexpected end of file
Unsupported Environment

[Expert@MDS:0]#

On FW R77.20:

[Expert@FW:0]# ls -l /usr/bin/ccc
-rwxr-x--- 1 admin root 26609 Apr 11 08:22 /usr/bin/ccc
[Expert@FW:0]# ls -l /etc/profile.d/CP.sh
-rwxr-xr-x 1 admin root 90 Aug 9 2014 /etc/profile.d/CP.sh

[Expert@FW:0]# cat /etc/profile.d/CP.sh
if [ -r /opt/CPshrd-R77/tmp/.CPprofile.sh ]; then
. /opt/CPshrd-R77/tmp/.CPprofile.sh
fi
[Expert@FW:0]# ccc

zcat: stdin: unexpected end of file
/usr/bin/ccc: line 47: test: too many arguments
/usr/bin/ccc: line 48: test: too many arguments
--------------------------------------------------v1.6--
ccc > FW
--------------------------------------------------------
System: Firewall Cluster Node (HA) - Standby
Appliance / Server: Check Point 12400
Version: Check Point Gaia R77.20
Uptime: 188 days
Gateway managed by: CMA (IP: 1.1.2.3)
--------------------------------------------------------

[ MAIN MENU ]

Firewall-Management & Gateway >
Firewall-Management >
Firewall Gateway >
ClusterXL Troubleshooting >
ClusterXL Troubleshooting >
Multi-Core Performance Tuning >
VSX Troubleshooting >
MDS Troubleshooting >
Standalone Firewall & Management >
Threat Emulation >
Threat Extraction >

Also, "Usage: ..." is not displayed for me. Should it be visible?

G_W_Albrecht · ‎2018-04-11

On R77.30 1.6 is working real fine - but my R80.10 SMS gives:


[Expert@SMS8010:0]# ccc
Unsupported Environment
[Expert@SMS8010:0]# cat /etc/profile.d/CP.sh
if [ -r /opt/CPshrd-R80/tmp/.CPprofile.sh ]; then
        . /opt/CPshrd-R80/tmp/.CPprofile.sh
fi

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Danny · ‎2018-04-11

Fixed in version 1.7

Danny · ‎2018-04-11

Fixed in version 1.7

G_W_Albrecht · ‎2018-04-11

This script has really evolved very much during the last weeks ! My SMS now again likes it, but last line seems not alright:

ccc > SMS8010
--------------------------------------------------------
System: SmartEvent Server
Appliance / Server: VMware Virtual Platform
Version: Check Point Gaia R80.10
Uptime: 28 days
Gateway managed by: localhost (IP: )

This is a SMS with enabled SmartEvent only.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Danny · ‎2018-04-11

I'm aware of this. I'll develop a better checking routine to clearly identify which type of system the script is actually running on. Neither Check Point's Healthcheck script nor CPview utility do it any better at the moment.

G_W_Albrecht · ‎2018-04-11

Yes, i know 😞 Looks like only many greps on $CPDIR/registry/HKLM_registry.data will provide all information.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

G_W_Albrecht · ‎2018-04-11

Another nice but barely documented command also could help here:

cpprod_util FwIsFirewallModule
cpprod_util FwIsActiveManagement

Only that the following does not work as i did expect it to:

cpprod_util FwIsReportingServerMgmt
cpprod_util FwIsLogConsolidatorMgmt
cpprod_util FwIsLogServer

as it all gives 0 on my SMS. I wonder if we could somehow learn about the string arguments for

cpprod_util CPPROD_CheckProduct ....

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

G_W_Albrecht · ‎2018-04-11

I found another way:

[Expert@SMS8010:0]# cpprod_util CPPROD_GetKeyValues Products 0
IDA
KAV
CPFC
FW1
SecurePlatform
CPinfo
DIAG
SmartPortal
Reporting Module
CPuepm
VSEC
SmartLog
MGMTAPI
R7520CMP
R7540CMP
R7540VSCMP
R76CMP
SFWR77CMP
R77CMP
R75CMP
NGXCMP
EdgeCmp
SFWCMP
FLICMP
SFWR75CMP
CPUpdates

[Expert@GW_80.10:0]# cpprod_util CPPROD_GetKeyValues Products 0
IDA
CPFC
FW1
SecurePlatform
CPinfo
DIAG
PPACK
CVPN
CPUpdates

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Filters

Sort By

Categories