This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jones_Jardel_Po
Contributor
‎2018-07-24 01:49 PM

Changing PBR rules using expert user

Hello guys!

There is a way to change PBR rules using the expert mode?

7 Replies
PhoneBoy
Admin
Admin
‎2018-07-24 08:43 PM

While it may be possible to change PBR outside of clish, it is not supported.

You can call clish commands from expert mode.

But the question is: why do you want to do this?

0 Kudos
Jones_Jardel_Po
Contributor
‎2018-07-25 05:52 AM
In response to PhoneBoy

Hi Dameon,

Thank you for your reply.

I'm looking for it because I'm working with GRE tunnels on security gateways, monitoring the tunnels and performing traffic decisions based on the monitoring, so, using the PBR or interface up/down...

0 Kudos
PhoneBoy
Admin
Admin
‎2018-07-25 09:36 AM
In response to Jones_Jardel_Po

As you're probably aware, GRE Tunnels aren't actually supported on Gaia currently.

See: Can users create a GRE tunnel on Gaia OS? 

It may be possible to use standard Linux commands to configure policy routing.

However, routing on Gaia is controlled by routed and any changes made outside of clish/WebUI are not guaranteed to work or remain in effect for any period of time.

0 Kudos
Jones_Jardel_Po
Contributor
‎2018-07-25 09:39 AM
In response to PhoneBoy

It may be possible to use standard Linux commands to configure policy routing.

However, routing on Gaia is controlled by routed and any changes made outside of clish/WebUI are not guaranteed to work or remain in effect for any period of time.

It's exactly what I saw. Because of that I'm asking more details about.

Thank you Dameon.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-07-25 09:49 AM
In response to Jones_Jardel_Po

http://linux-ip.net/gl/ip-cref/

I would refer you to generic Linux documentation in this case, perhaps: ip-cref 

But like I said, no guarantees it will work since this configuration is actually controlled through routed. 

0 Kudos
Jones_Jardel_Po
Contributor
‎2018-08-01 09:41 AM
In response to PhoneBoy

I found the sk106938 - How to run Clish commands from Expert mode and it is was I was looking for.

Using the clish I can run clish shell commands under expert mode and then get or change PBR table actions or rules.

Thanks.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-08-01 10:00 AM
In response to Jones_Jardel_Po

Or you could do that Smiley Happy

I thought the issue had more to do with the use of unsupported interface types (e.g. the GRE ones) thus you couldn't use the clish commands.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top