Solved: Command to show the number of permitted cores

Danny · ‎2018-08-20

I'm looking for Bash command to show the number of permitted (licensed) cores of any Check Point GAiA system, even when CoreXL is not enabled.

Thanks in advance!

Danny · ‎2018-08-20

I created this one-liner:

case `cpstat os | grep "Appliance Name" | tr -s ' ' | cut -c17-21` in Check) grep -c ^processor /proc/cpuinfo;; *) cplic print -p 2>/dev/null | tr ' ' '\n' | grep fw1:6.0:mc_all_ | cut -c 16- | awk '{ sum += $1 } END { print sum }';; esac

and added it to our Common Check Point Commands (ccc) script.

View solution in original post

Henning_Gunders · ‎2018-11-20

Scripting is cool, but why not simplify it, by using the good old CLI command?

fw ctl get int fwlic_num_of_allowed_cores
fwlic_num_of_allowed_cores = 16

View solution in original post

PhoneBoy · ‎2018-08-20

It’s encoded in the license string, which means cplic print -p should show it.

Danny · ‎2018-08-20

I created this one-liner:

case `cpstat os | grep "Appliance Name" | tr -s ' ' | cut -c17-21` in Check) grep -c ^processor /proc/cpuinfo;; *) cplic print -p 2>/dev/null | tr ' ' '\n' | grep fw1:6.0:mc_all_ | cut -c 16- | awk '{ sum += $1 } END { print sum }';; esac

and added it to our Common Check Point Commands (ccc) script.

View solution in original post

PhoneBoy · ‎2018-08-21

On my system, the above command shows I am licensed for 16 cores, which I know to be false.

My system has two CPSG-CPSM-EVAL licenses, each of which contains 8 cores.

Also, one of the licenses is expired

Licensed cores are NOT additive, either.

Danny · ‎2018-08-22

Licensed cores are NOT additive?

What is this SmartUpdate message meaning then:

I added a 4-Core license to an 8-Core Eval license and are told to licensed for 12 cores now. This means licensed cores are additive, no?

PhoneBoy · ‎2018-08-23

Technically they're not supposed to be.

Danny · ‎2018-08-23

Well.. I can see CoreXL technically using all 12 cores.

_Val_ · ‎2018-08-23

might be just a glitch with eval license

Norbert_Bohusch · ‎2018-08-28

Technically this was the only way to license more than 8 cores before bigger core number came out

Danny · ‎2018-08-28

I found another issue with my one-liner when SMT is enabled:

The license contains just a string for 8 cores. However, with SMT enabled 16 cores are shown on the system and CoreXL actively uses them. Looks like I need to advance my one-liner a little more.

_Val_ · ‎2018-08-28

Did you try rebooting this system. Number of cores is checked during boot against the license. Any chance you have had eval and did not reboot after it expired?

JozkoMrkvicka · ‎2018-08-21

In case gateway is using "new" license string where some features cannot be found in cp.macro, it gives you following output:

[Expert@GWA:0]# cplic print -p | tr ' ' '\n' | grep fw1:6.0:mc_all_ | cut -c 16- | awk '{ sum += $1 } END { print sum }'
 Warning: Can't find ::CPSB-CTNT in cp.macro. License version might be not compatible
8
‍‍‍‍‍‍‍

Kind regards,
Jozko Mrkvicka

_Val_ · ‎2018-08-22

Its okay, eval license might contain more features than known and supported with the version you use

Danny · ‎2018-08-28

Jozko Mrkvicka : Could you please try if the following command resolves the Warning message?

cplic print -p 2>/dev/null | tr ' ' '\n' | grep fw1:6.0:mc_all_ | cut -c 16- | awk '{ sum += $1 } END { print sum }'

JozkoMrkvicka · ‎2018-08-28

Hi Danny Jung‌,

Yes, it is solved now

[Expert@GWA:0]# cplic print -p 2>/dev/null | tr ' ' '\n' | grep fw1:6.0:mc_all_ | cut -c 16- | awk '{ sum += $1 } END { print sum }'
8
[Expert@GWA:0]#‍‍‍

You can update CCC with this updated syntax.

Thank you.

Kind regards,
Jozko Mrkvicka

Danny · ‎2018-08-29

Added in version 3.3 of our Common Check Point Commands (ccc) script.

_Val_ · ‎2018-08-21

Lol, was about to answer just that

Henning_Gunders · ‎2018-11-20

Scripting is cool, but why not simplify it, by using the good old CLI command?

fw ctl get int fwlic_num_of_allowed_cores
fwlic_num_of_allowed_cores = 16

View solution in original post

PhoneBoy · ‎2018-11-20

On my 1490, that command returns 100000

On my regular gateway (which runs the standard All-in-One eval), it returns 16.

_Val_ · ‎2018-11-20

100000 - that's the way to go