Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
subrun_jamil
Explorer

Need CLI Command to see Interfaces and Associated IP Information

Can you advise how to see Interfaces and Associated IP Information from CLI  ?

0 Kudos
5 Replies
mcatanzaro
Employee
Employee

Hi,

From clish you can use the ‘show interfaces’ command to show all interfaces. 

You can then run ‘show interface <interface_name>’. 

From expert you can use the ‘ip’ set of commands. 

References:

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/CLI-Ref...

https://linux.die.net/man/8/ip

0 Kudos
Yuri_Slobodyany
Collaborator

[Expert@R81-standalone:0]# ip ad | grep "inet"
inet 127.0.0.1/8 scope host lo
inet 192.168.133.129/24 brd 192.168.133.255 scope global eth0
inet 10.10.10.129/24 brd 10.10.10.255 scope global eth1
inet 172.17.0.1/16 scope global docker0

 

BTW  Does anyone know what Docker is doing in my firewall ? 🙂

[Expert@R81-standalone:0]# docker --version
Docker version 1.13.1, build 07f3374/1.13.1

0 Kudos
mcatanzaro
Employee
Employee

Hi,

Are you running any jumbo hotfix accumulators?

R81 JHF T10 removed the docker interface:

PRJ-19150,
PMTR-57495
Gaia OS "Docker0" bridge interface with assigned IP address from class B private pool may appear in the system, causing routing issues.

 

AFAIK docker is mainly for the SMC web application. 

Yuri_Slobodyany
Collaborator

Thanks,

nope - running vanilla Take 392 (it is a lab environment).

 

[Expert@R81-standalone:0]# docker --version
Docker version 1.13.1, build 07f3374/1.13.1
[Expert@R81-standalone:0]# ip ad | grep docker
6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
inet 172.17.0.1/16 scope global docker0
[Expert@R81-standalone:0]#
[Expert@R81-standalone:0]# fw ver
This is Check Point's software version R81 - Build 959
[Expert@R81-standalone:0]# fwm ver
This is Check Point Security Management Server R81 - Build 287

 

 

0 Kudos
Bob_Zimmerman
Advisor

I wrote this one to show me the VSID, name, MAC, and IP address for every interface on every VS:

 

printf "%5s%12s%19s%19s\n" "VSID" "Interface" "MAC Address" "IP Address/Prefix";for vsid in $(ip netns list 2>/dev/null | cut -d' ' -f3 | cut -d')' -f1;ls /proc/vrf/ 2>/dev/null | sort -n);do vsenv $vsid>/dev/null 2>&1 || vsx set $vsid>/dev/null 2>&1;for iface in $(ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo[0-9]*$|usb)");do printf "%5s" $vsid;printf "%12s" $iface;printf "%19s" $(ip addr show $iface | grep ' link/ether ' | awk '{print $2}');printf "%19s" $(ifconfig $iface | grep ' inet ' | cut -d':' -f2 | cut -d' ' -f1);echo "";done;done

 

Works on SecurePlatform (really old versions), GAiA with 2.6 kernel (up through R80.30), and GAiA with 3.10 kernel (R80.40 and later).

Separately, I also quite like this for showing physical interface information:

 

printf "%9s%13s%10s%8s%6s\n" "Interface" "PCIe Addr" "PCI-ID" "Driver" "Link?";ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo$|usb|bond[0-9\.]+|gre(tap)?[0-9]+|Mgmt\.[0-9]|eth[-0-9]+\.)" | xargs -n 1 -I @ sh -c 'printf "%9s" @;printf "%13s" $(ethtool -i @ | grep "bus" | cut -d" " -f2);printf "%10s" $(lspci -n | grep $(ethtool -i @ | grep "bus" | cut -d: -f3-4) | cut -d" " -f3);printf "%8s" $(ethtool -i @ | grep "driver" | cut -d" " -f2);printf "%6s" $(ethtool @ | grep "Link" | cut -d" " -f3);echo ""'

 

 

Example output:

 

[Expert@DallasSA:0]# printf "%5s%12s%19s%19s\n" "VSID" "Interface" "MAC Address" "IP Address/Prefix";for vsid in $(ip netns list 2>/dev/null | cut -d' ' -f3 | cut -d')' -f1;ls /proc/vrf/ 2>/dev/null | sort -n);do vsenv $vsid>/dev/null 2>&1 || vsx set $vsid>/dev/null 2>&1;for iface in $(ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo[0-9]*$|usb)");do printf "%5s" $vsid;printf "%12s" $iface;printf "%19s" $(ip addr show $iface | grep ' link/ether ' | awk '{print $2}');printf "%19s" $(ifconfig $iface | grep ' inet ' | cut -d':' -f2 | cut -d' ' -f1);echo "";done;done
 VSID   Interface        MAC Address  IP Address/Prefix
    0        eth0  00:11:22:33:44:55         10.0.1.253
    0        eth1  00:11:22:33:44:56                   
    0        eth2  00:11:22:33:44:57                   
    0        eth3  00:11:22:33:44:58                   
    0        eth4  00:11:22:33:44:59                   
    0        eth5  00:11:22:33:44:5a                   
    0     gretap0  00:00:00:00:00:00                   
    0        gre0                                      
[Expert@DallasSA:0]# printf "%9s%13s%10s%8s%6s\n" "Interface" "PCIe Addr" "PCI-ID" "Driver" "Link?";ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo$|usb|bond[0-9\.]+|gre(tap)?[0-9]+|Mgmt\.[0-9]|eth[-0-9]+\.)" | xargs -n 1 -I @ sh -c 'printf "%9s" @;printf "%13s" $(ethtool -i @ | grep "bus" | cut -d" " -f2);printf "%10s" $(lspci -n | grep $(ethtool -i @ | grep "bus" | cut -d: -f3-4) | cut -d" " -f3);printf "%8s" $(ethtool -i @ | grep "driver" | cut -d" " -f2);printf "%6s" $(ethtool @ | grep "Link" | cut -d" " -f3);echo ""'
Interface    PCIe Addr    PCI-ID  Driver Link?
     eth0 0000:02:00.0 8086:150c  e1000e   yes
     eth1 0000:03:00.0 8086:150c  e1000e    no
     eth2 0000:04:00.0 8086:150c  e1000e    no
     eth3 0000:05:00.0 8086:150c  e1000e    no
     eth4 0000:06:00.0 8086:150c  e1000e    no
     eth5 0000:07:00.0 8086:150c  e1000e    no
[Expert@DallasSA:0]#