the_rock
Legend

Connections table question

Hey guys,

Sorry if this sounds like a "loaded" question, but I was wondering, is there a list somewhere of CP firewall connection table names that belong to certain blades? So say, if a customer wanted to know what tables are related to the app control or content awareness or URLF blade, is that possible?

Thanks!

0 Kudos
17 Replies
_Val_
Admin

The answer is sk65133

 

0 Kudos
the_rock
Legend

I know that SK, Val, but it does not answer my question. Unless I'm missing something : - )

0 Kudos
_Val_
Admin

Maybe you just asked the wrong question then.

The connection table format is described in the SK I mentioned, but it seems you are asking about kernel tables relevant to AC/URLF and/or content inspection.

The AC table is appi_rb_intvl_kbufs_table, from sk73220, but it does not do much; it is used mostly for tagging. Read the ATRG.

URLF does not have a kernel table to tag connections. Instead, there is a server cache table, cptls_server_cn_cache; look into sk92743.

Content Awareness does not have a corresponding kernel table, AFAIK. For more details, look into sk119715.


0 Kudos
the_rock
Legend

It's just a question :). All I want to know is if there is a way to get tables associated with any given blade, that's all.

0 Kudos
emmap
Employee

So, there's the connection table, and then there's the other tables. There's information pertinent to blades inside the connection table, then there's other tables for some of the other blades.

I don't know of any CP published documentation of every table and what they're for.

0 Kudos
the_rock
Legend

Thanks @emmap. What I'm really looking for is something that would show any given table associated with any blade available, but I guess such a command does not really exist. I was not hopeful it did, but figured I would ask anyway : - )

0 Kudos
Timothy_Hall
Champion

What you could do is set up a new gateway with only the Firewall blade enabled, then install policy. Now run fw tab -t connections -s to get the base list of all individual state tables. Now enable the next blade (IPSec VPN for example) and install policy. Run fw tab -t connections -s again and diff the results with the initial output. Then disable IPSec VPN, enable another blade, install policy and diff that with the initial output. And so on...

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
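The baseline-and-diff procedure described in the post above, as an added example that is not part of the thread. It assumes each snapshot was saved to a text file with the summary columns HOST NAME ID #VALS #PEAK #SLINKS (the layout printed by fw tab -s); the file names are hypothetical and the sample rows are constructed, not captured from a gateway.

```shell
#!/bin/sh
# Added example: compare two saved kernel-table summaries, one taken before
# and one after enabling a blade and installing policy.
# Assumption: whitespace-separated columns HOST NAME ID #VALS #PEAK #SLINKS,
# with the table name in column 2 and a numeric table ID in column 3.

# Print the sorted, unique table names found in a snapshot file.
# Header and blank lines are skipped because column 3 is not numeric there.
table_names() {
    awk 'NF >= 3 && $3 ~ /^[0-9]+$/ { print $2 }' "$1" | sort -u
}

# Print tables present in the second snapshot but absent from the first.
new_tables() {
    base=$(mktemp) && after=$(mktemp) || return 1
    table_names "$1" > "$base"
    table_names "$2" > "$after"
    comm -13 "$base" "$after"
    rm -f "$base" "$after"
}

# Constructed sample snapshots (IDs and counters are made up).
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/fw_only.txt" <<'EOF'
HOST                  NAME                               ID #VALS #PEAK #SLINKS
localhost             connections                      8158    12    40      24
localhost             fwx_alloc                        8187     0     0       0
EOF
    cat > "$dir/fw_appctl.txt" <<'EOF'
HOST                  NAME                               ID #VALS #PEAK #SLINKS
localhost             connections                      8158    15    44      30
localhost             fwx_alloc                        8187     0     0       0
localhost             appi_rb_intvl_kbufs_table        9001     3     3       0
EOF
    new_tables "$dir/fw_only.txt" "$dir/fw_appctl.txt"
    rm -rf "$dir"
}

demo
```

Only table names are compared, so changes in #VALS or #PEAK between snapshots do not show up as differences.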
the_rock
Legend

Thanks Tim, I get what you are saying, but I was looking for something more simple with multiple blades enabled. I talked to a guy who used to be a Diamond engineer and he told me he never heard of a command like that, so I guess it does not exist. Oh well 🙂

0 Kudos
Timothy_Hall
Champion

Only other thing I can think of is fw ctl conntab, which shows which connection modules apply to a certain connection but how this maps to individual state tables is unclear:

<(inbound, src=[10.168.75.11,39125], dest=[10.168.39.31,5701], TCP); 23/25, rule=24, tcp state=SYN_SENT, service=343, conn modules: PSL, SeqVerifier>

0 Kudos
the_rock
Legend

Still does not show me, sadly, what I'm really looking for. Thanks again for your efforts and responses, really appreciate it!

0 Kudos
the_rock
Legend

Btw Tim, thanks for the suggestion, but no luck. I tested and the output was the same regardless of what blades are on.

0 Kudos
_Val_
Admin

Did I answer it already or didn't I?

0 Kudos
the_rock
Legend

No sir : - ). Anyway, I know this is not something that's possible to get, so the post can be archived, thank you!

0 Kudos
_Val_
Admin

Then you should ask it the way it can be answered. Just to make sure, the answer is, not all the mentioned blades have associated kernel tables. 

What are you trying to achieve?

0 Kudos
the_rock
Legend

I'm not really sure how much more clear I can ask my question Val, but for you, I will do it again : )))

Here it comes:

Is there ANY way to run a command or script or anything else on the CP firewall that would give you a list of tables associated with any given blade? For example...if you wish to list tables associated with the VPN blade, how would you do so? If you wanted to get tables associated with the URLF blade, how do you do it? And so on...

Not really sure how much more clear I can ask this, sorry man : - )

0 Kudos
_Val_
Admin

The answer to the first question is no. Which renders the following questions irrelevant. You were asking for specific tables for AC, URLF, and CA, those questions are also answered.

0 Kudos
the_rock
Legend

All good, I was just clarifying :). Yes, I figured from all the answers given that the answer had to be no. Let's close the topic, cheers!

0 Kudos
