This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Luis_Miguel_Mig
Advisor
‎2023-11-08 02:18 AM

ExportImportPolicyPackage import error

Hi,
I have been testing https://github.com/CheckPointSW/ExportImportPolicyPackage importing and exporting policy packages in the lab and it was all good.
However I am trying to import a policy package in a production Firewall Manager running r81.10 take 110 (it was initially r80.40 and upgraded to r81.10 a while ago) and the scripts breaks pretty much from the beginning.

These are the errors I get: 
- The trace shows that the script breaks when it tries to publish
-  /opt/CPsuite-R81.10/fw1/log/api.elg shows that publish fails due to "Publish cannot be performed without entering a session name and description"

Exactly the same import operation is successful  in the lab firewall manager  running r81.10 take 95 


Creating a Policy Package named [Policy]

Importing general objects

Adding hosts

Managed to import API object from type host by add-objects-batch API call.
Now trying to publish.

Traceback (most recent call last):
File "import_export_package.py", line 71, in <module>
import_package(client, args)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_package.py", line 56, in import_package
layers_to_attach = import_objects(args.file, client, {}, package, None, args)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_objects.py", line 185, in import_objects
batch_succeeded = add_batch_objects(api_type, command, client, args, batch_payload)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_objects.py", line 862, in add_batch_objects
api_reply = handle_publish(client, api_type)
File "/home/admin/software/ExportImportPolicyPackage-master/importing/import_objects.py", line 899, in handle_publish
" from said file were not imported!. Message: " + str(publish_reply.error_message),
AttributeError: 'APIResponse' object has no attribute 'error_message'


/opt/CPsuite-R81.10/fw1/log/api.elg


2023-11-08 09:53:01,537 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-157589] - Executing [show-task] of version [1.6.1] (references 1.3)
2023-11-08 09:53:01,538 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-157589] - Outbound Message
---------------------------
ID: 2480
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Wed, 08 Nov 2023 09:53:01 GMT]}
Payload: {
"tasks" : [ {
"task-id" : "abcdef01-2345-6789-a1c6-460bc3c21856",
"task-name" : "add-objects-batch",
"status" : "succeeded",
"progress-percentage" : 100,
"progress-description" : "Operation Complete",
"suppressed" : false,
"task-details" : [ {
"status" : "Batch operation completed successfully"
} ]
} ]
}
--------------------------------------
2023-11-08 09:53:01,539 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-192060] - Inbound Message
----------------------------
ID: 2481
Address: http://127.0.0.1:51133/web_api/v1.6.1/publish
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[2], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {}
--------------------------------------
2023-11-08 09:53:01,539 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-192060] - Executing [publish] of version [1.6.1] (references 1)
2023-11-08 09:53:01,545 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-192060] - Outbound Message
---------------------------
ID: 2481
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], X-chkp-sync-task-id=[01234567-89ab-cdef-ae62-db43e4242700], Date=[Wed, 08 Nov 2023 09:53:01 GMT]}
Payload: {
"task-id" : "01234567-89ab-cdef-ae62-db43e4242700"
}
--------------------------------------
2023-11-08 09:53:01,546 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-157589] - Inbound Message
----------------------------
ID: 2482
Address: http://127.0.0.1:51133/web_api/v1.6.1/show-task
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[76], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {"task-id": "01234567-89ab-cdef-ae62-db43e4242700", "details-level": "full"}
--------------------------------------
2023-11-08 09:53:01,546 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-157589] - Executing [show-task] of version [1.6.1] (references 1.3)
2023-11-08 09:53:01,547 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-157589] - Outbound Message
---------------------------
ID: 2482
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Wed, 08 Nov 2023 09:53:01 GMT]}
Payload: {
"tasks" : [ {
"task-id" : "01234567-89ab-cdef-ae62-db43e4242700",
"task-name" : "Publish operation",
"status" : "in progress",
"progress-percentage" : 0,
"suppressed" : false
} ]
}
--------------------------------------
2023-11-08 09:53:03,550 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-192060] - Inbound Message
----------------------------
ID: 2483
Address: http://127.0.0.1:51133/web_api/v1.6.1/show-task
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[76], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {"task-id": "01234567-89ab-cdef-ae62-db43e4242700", "details-level": "full"}
--------------------------------------
2023-11-08 09:53:03,551 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-192060] - Executing [show-task] of version [1.6.1] (references 1.3)
2023-11-08 09:53:03,552 INFO org.apache.cxf.interceptor.LoggingOutInterceptor.log:250 [qtp-2043826156-192060] - Outbound Message
---------------------------
ID: 2483
Response-Code: 200
Content-Type: application/json
Headers: {Content-Type=[application/json], Date=[Wed, 08 Nov 2023 09:53:03 GMT]}
Payload: {
"tasks" : [ {
"task-id" : "01234567-89ab-cdef-ae62-db43e4242700",
"task-name" : "Publish operation",
"status" : "failed",
"progress-percentage" : 100,
"suppressed" : false,
"task-details" : [ {
"fault-message" : "Publish cannot be performed without entering a session name and description."
} ]
} ]
}
--------------------------------------
2023-11-08 09:53:03,553 INFO org.apache.cxf.interceptor.LoggingInInterceptor.log:250 [qtp-2043826156-157589] - Inbound Message
----------------------------
ID: 2484
Address: http://127.0.0.1:51133/web_api/v1.6.1/logout
Encoding: UTF-8
Http-Method: POST
Content-Type: application/json
Headers: {Accept=[*/*], accept-encoding=[identity], connection=[keep-alive], Content-Length=[2], content-type=[application/json], Host=[127.0.0.1:51133], User-Agent=[python-api-wrapper], X-chkp-sid=[574e70eb0d92745c80697faf2b3b2a21], X-Forwarded-For=[127.0.0.1], X-Forwarded-Host=[127.0.0.1], X-Forwarded-Host-Port=[443], X-Forwarded-Server=[10.71.11.71]}
Payload: {}
--------------------------------------
2023-11-08 09:53:03,554 INFO com.checkpoint.management.web_api.web_services.WebApiEntryPoint.logRequestedCommandInfo:412 [qtp-2043826156-157589] - Executing [logout] of version [1.6.1] (references 1)



0 Kudos
4 Replies
Luis_Miguel_Mig
Advisor
‎2023-11-08 02:46 AM

I got it sorted by disabling "all sessions must have a description" at manage/settings -> Sessions -> Advanced

 

 

Hugo_vd_Kooij
Advisor
‎2023-11-08 04:55 AM
In response to Luis_Miguel_Mig

I would prefer to resolve it by setting the request items all the time.

It makes a lot more sense in the audit logs.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
Luis_Miguel_Mig
Advisor
‎2023-11-08 05:01 AM
In response to Hugo_vd_Kooij

Me too, but it requires modifying the python script. It may be a good feature request

0 Kudos
PhoneBoy
Admin
Admin
‎2023-11-08 01:43 PM
In response to Luis_Miguel_Mig

The script is Open Source, so you can submit a pull request with the relevant change.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events