Maciej Maczka

Check Point Diagnostic Console (cdc)

Discussion created by Maciej Maczka on Aug 22, 2018
Latest reply on Aug 30, 2018 by Maciej Maczka

Hi Check Mates,

 

Inspired by Danny Jung and his Common Check Point Commands (ccc) I decided to create a fork of this tool, that will allow to achieve more.

 

 

About

 

CDC is set of scripts that allows to show CKP parameters, do some simple configuration and do debugs. Scirpts are organized in following way:

 

<action>_<place>_<module>_<info>

 

where:

action:

  • show - show CKP parameters
  • config - change something
  • debug - start/stop, show debug, test something, show logs

 

 

place:

  • MGMT - scripts for Management
  • Gateway - scripts for Gateway

 

module:

  • Corexl
  • SecureXL
  • Threat Prevention
  • and other stuff

 

info:

  • enable - start debug
  • show - show debug
  • other - no rules here. Just to kepp is simple

 

 

How to use it:

 

======================== GENERAL ==============================

 

(go to directory)

cd cdc

 

(run command)

./show_gateway_firewall_interface_drop

 

Hint: Use tab to finish command or to show commands available.

 

 

======================== SHOW COMMANDS ==============================

 

To see all commands  available run:   ls

To search for specific command:   ls  | grep module.  

 

For example:

[Expert@te:0]# ls | grep securexl
config_gateway_securexl_disable
config_gateway_securexl_enable
debug_gateway_securexl_errors_enable
debug_gateway_securexl_show
show_gateway_securexl_connections
show_gateway_securexl_connections_summary
...

 

You can alse use  search here:

http://epg.org.pl/cdc/reference.php?search= 

 

 

======================== SHOW ==============================

 

All commands start with "show"

 

[Expert@te:0]# ./show_mgmt_manager_status
Check Point Security Management Server is running and ready

 

======================== DEBUG ==============================

 

All commands start with "debug"

 

To start debug:

Most debugs require 3 commands: enable, show, disable_debug. Some only show.

 

For example:

./debug_gateway_ssl_inspect_related_enable

 

 

This will start debug of ssl inspect module. All kernel variable will be set for you. After that, what to do next message will be presented:

 

---------------------------------------------------------------------------

 

 Usage:
 debug_gateway_ssl_inspect_show | grep <options>

 

 debug_gateway_debug_disable to turn off debug!

 

 TIPS:
 | grep CN   - to check certificate CN processed by SSL Inspect
 | grep domain - to check search for specific domain
 Check log number. Use grep -A 10 -B 10

 

 ---------------------------------------------------------------------------

 

 

To see debug in this example:

./debug_gateway_ssl_inspect_show

 

CTRL + C to break.

 

To disable debug

./debug_gateway_debug_disable

 

 

======================== CONFIG  ==============================

 

All commands start with "config"

 

[Expert@te:0]# ./config_gateway_identity_users_excluded_clear
Warning this will CLEAR excluded users list!!!
Do you wan't to continue? (Hit any key to continue. CTRL+C to exit)

 

The suspected service accounts list has been cleared.

 

 

There should be a message, what this command will do. You need to press Enter to continue.

 

 

 

====================== HOW TO INSTALL ===================================

 

In expert mode.

Go to directory where do you want to install. Run:

 

curl_cli -O http://epg.org.pl/cdc/cdc.tar.gz
tar xvfz cdc.tar.gz
cd cdc
chmod 755 *
mkdir /var/log/cdc
cat about.txt

 

You can hind change log here:

http://epg.org.pl/cdc/changelog.html 

 

========================== WHAT CAN YOU DO =============================

 

Everything

 

You can share, edit, add / remove scirpts. Please, be so kind and share changes . Internet access is not required. If you don't want to share changes just edit your scripts.

 

If you need a new command or feel need to change one, just send a script with correct file name to me maciej.maczka@gmail.com.

 

Suggestion, comments, ideas are welcome.

Please also let me know if you see a need to maintain this tool.

 

Right now we have more than 150 scripts. Hoping for me.

 

 

Have fun

Attachments

Outcomes