Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Unai_CP
Explorer

.def files installation in security gateways

Hello Mates,

 

I  am analyzing some modifications done in the user.def and table.def files in the management server, and a doubt come to my mind, where could I check in the security gateway this configurations? I have analyzed the security gateway file system issuing a "find / -name *.def*" command and I see that the user.def files that I get from that command are not modified since the last upgrade proccess.

 

Is it possible to check those configurations in the GW?

 

Thanks in advance!

0 Kudos
6 Replies
G_W_Albrecht
Legend Legend
Legend

No, as they have been compiled before transfer to the GW. See sk30919: Creating customized rules for Check Point Security Gateway - 'user.def' file:

All the changes made in this file are transferred to the managed Security Gateway / Cluster during policy installation.

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Unai_CP
Explorer

So there is no way to check if the configuration has been applied correctly?

0 Kudos
_Val_
Admin
Admin

Of course there is. Check user.def on the GW side and see if your changes are there.

0 Kudos
Unai_CP
Explorer

That was my first question, which is the installed user.def location in the security gateway? I see no changes in the found files located in /var/opt/CPsuite-R80.40/fw1/conf/ and I don't find any modified file. I have checked the user.def location guide in checkpoint's documentation and I modified the correct user.def file there, but it seems that this is not pushed to the gateways or I am unable to find the installed file in the gateway.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Are you sure user.def on GW is changed ? I remember this visualization about policy compile and install:

PI.pngFrom: How To Troubleshoot Policy Installation Issues

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin

If there is evidence anywhere, it’s in $FWDIR/state/local/FW1 with what was pushed from the management.
The actual .def files won’t be there, but you may be able to find other evidence of such changes.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events