Overlooked but nice utility from Checkpoint – cpview

Checkpoint has made available starting with R77 this helpful information utility called cpview of which not many are aware. This is basically a Bash script that runs a bunch of native Checkpoint commands in the background and displays the output on the terminal while updating the data every other second.
– Running the command (you have to be in the Expert mode):
#cpview
– File location:
# which cpview
alias cpview='/bin/cpview_start.sh'

/bin/cpview_start.sh
– Some of the commands the utility runs:
fw ctl pstat
fw ctl multik stat
fw ctl affinity -l -r

Example output:cpview

Read More

Checkpoint Mobile Access support for SHA-256 SSL certificates

The new era of sha-256 as opposed to sha-1 signed SSL certificates is slowly gaining the pace, not without a gentle push from the browser providers . And Checkpoint is catching up in its new version R77.30 for Open Servers. This means, on the other hand, earlier versions do not support SHA-256 certificates.
While on both versions – 77.20 and 77.30 cpopenssl package gives the same version info they do differ:

cpopenssl command accepting -sha-256 option

openssl in R77.30 now supports SHA-256 certificates

Read More

SNMP in Gaia default community string

Configuring SNMP in Gaia as opposed to SPLAT has been made much simpler. So simple that it is easy to overlook that default configured read-only community is public .
So , it is a good idea to change it while enabling SNMP:
set snmp agent on
set snmp agent-version any
set snmp community public read-only

PS. Another ‘feature’ of the SNMP is that you can either enable SNMP version 1 and 2 or version 3. Trying to enable just version 2c is not possible.

Read More

RIPE database query for a route object, or why my network is not advertised via BGP to the world

Once it was a nice-to-have configuration that most ISPs in the world ignored anyway, but today it is a must if you are planning to advertise your networks via BGP through your uplink provider – your route object in the AS whois database of the uplink provider. If not – you will happily advertise your networks, the uplink provider will duly advertise them to its uplink peers, which will check AS registry database of your provider and not finding this route object will silently drop the advertising.
Of course it is duty of your transit ISP provider to update their records with your network, but after all, you are the one most interested – so as they say in Russian ” Доверяй но проверяй ” , and here is how to do it:
whois -h whois.ripe.net — ‘-a -r -i or -T route AS1680′ | grep route
In this example I assume your uplink provider is Netvision with AS1680 , replace AS number with the correct one.
Output will look like:
route: 109.186.0.0/16
route: 109.253.0.0/16
route: 117.121.245.0/24
route: 138.134.0.0/16
route: 147.161.0.0/16

If you don’t find in such listing your network – Houston, you have a problem here.

Read More

Cisco CUCM CDR report – call duration and called numbers extraction script

Yesterday I had to extract some data from a CDR report for a client, namely call start time, its duartion and the called number. And while I am sure Google has zillion scripts to be found, it was much faster to hack this one-liner .
The script extracts the following fields from the CDR report in this order:
dateTimeOrigination – for outgoing calls it is the time the device goes off hook
callingPartyNumber – initiator of the call
finalCalledPartyNumber – the reached/dialed number (after forwarding if any)
duration – duration of the call
The extracted data is placed in CSV format to be easily imported into Microsoft Excel.
Enjoy. Any questions – feel free to ask here.

 awk -F, 'BEGIN {OFS=","} {print strftime("%c",$5),$9,$31,$56}'  report_cdr 

Output:
Sun 04 May 2014 01:54:37 PM IDT,0555555555,2988,41
Sun 04 May 2014 01:55:07 PM IDT,2908,0555555555,25

In case you want to extract some other fields from CDR , here is the full list of available values and their position. For explanation you can look here – Cisco Call Detail Records Field Descriptions

1 cdrRecordType
2 globalCallID_callManagerId
3 globalCallID_callId
4 origLegCallIdentifier
5 dateTimeOrigination
6 origNodeId
7 origSpan
8 origIpAddr
9 callingPartyNumber
10 callingPartyUnicodeLoginUserID
11 origCause_location
12 origCause_value
13 origPrecedenceLevel
14 origMediaTransportAddress_IP
15 origMediaTransportAddress_Port
16 origMediaCap_payloadCapability
17 origMediaCap_maxFramesPerPacket
18 origMediaCap_g723BitRate
19 origVideoCap_Codec
20 origVideoCap_Bandwidth
21 origVideoCap_Resolution
22 origVideoTransportAddress_IP
23 origVideoTransportAddress_Port
24 origRSVPAudioStat
25 origRSVPVideoStat
26 destLegIdentifier
27 destNodeId
28 destSpan
29 destIpAddr
30 originalCalledPartyNumber
31 finalCalledPartyNumber
32 finalCalledPartyUnicodeLoginUserID
33 destCause_location
34 destCause_value
35 destPrecedenceLevel
36 destMediaTransportAddress_IP
37 destMediaTransportAddress_Port
38 destMediaCap_payloadCapability
39 destMediaCap_maxFramesPerPacket
40 destMediaCap_g723BitRate
41 destVideoCap_Codec
42 destVideoCap_Bandwidth
43 destVideoCap_Resolution
44 destVideoTransportAddress_IP
45 destVideoTransportAddress_Port
46 destRSVPAudioStat
47 destRSVPVideoStat
48 dateTimeConnect
49 dateTimeDisconnect
50 lastRedirectDn
51 pkid
52 originalCalledPartyNumberPartition
53 callingPartyNumberPartition
54 finalCalledPartyNumberPartition
55 lastRedirectDnPartition
56 duration
57 origDeviceName
58 destDeviceName
59 origCallTerminationOnBehalfOf
60 destCallTerminationOnBehalfOf
61 origCalledPartyRedirectOnBehalfOf
62 lastRedirectRedirectOnBehalfOf
63 origCalledPartyRedirectReason
64 lastRedirectRedirectReason
65 destConversationId
66 globalCallId_ClusterID
67 joinOnBehalfOf
68 comment
69 authCodeDescription
70 authorizationLevel
71 clientMatterCode
72 origDTMFMethod
73 destDTMFMethod
74 callSecuredStatus
75 origConversationId
76 origMediaCap_Bandwidth
77 destMediaCap_Bandwidth
78 authorizationCodeValue
79 outpulsedCallingPartyNumber
80 outpulsedCalledPartyNumber
81 origIpv4v6Addr
82 destIpv4v6Addr
83 origVideoCap_Codec_Channel2
84 origVideoCap_Bandwidth_Channel2
85 origVideoCap_Resolution_Channel2
86 origVideoTransportAddress_IP_Channel2
87 origVideoTransportAddress_Port_Channel2
88 origVideoChannel_Role_Channel2
89 destVideoCap_Codec_Channel2
90 destVideoCap_Bandwidth_Channel2
91 destVideoCap_Resolution_Channel2
92 destVideoTransportAddress_IP_Channel2
93 destVideoTransportAddress_Port_Channel2
94 destVideoChannel_Role_Channel2
95 incomingProtocolID
96 incomingProtocolCallRef
97 outgoingProtocolID
98 outgoingProtocolCallRef
99 currentRoutingReason
100 origRoutingReason
101 lastRedirectingRoutingReason
102 huntPilotDN
103 huntPilotPartition
104 calledPartyPatternUsage
105 outpulsedOriginalCalledPartyNumber
106 outpulsedLastRedirectingNumber
107 wasCallQueued
108 totalWaitTimeInQueue
109 callingPartyNumber_uri
110 originalCalledPartyNumber_uri
111 finalCalledPartyNumber_uri
112 lastRedirectDn_uri
113 mobileCallingPartyNumber
114 finalMobileCalledPartyNumber
115 origMobileDeviceName
116 destMobileDeviceName
117 origMobileCallDuration
118 destMobileCallDuration
119 mobileCallType
120 originalCalledPartyPattern
121 finalCalledPartyPattern
122 lastRedirectingPartyPattern
123 huntPilotPattern

Read More

Convert Checkpoint SPLAT routes into Gaia configuration commands

Hi there, not much of a script , just the one-liner to turn output of the Secure Platform cli command route/ip route list into the ready for copy&paste list of Gaia clish commands.
Be aware I am not doing any error checking, so examine the final result before applying to a production system.
See ya.
You should run it on SPLAT cli being in expert mode.

ip route list | awk ‘/via/ {print " set static-route ",$1," nexthop gateway address " $3," on "}’

set static-route 172.19.0.0/16 nexthop gateway address 172.12.255.4 on
set static-route 172.20.0.0/16 nexthop gateway address 10.20.20.6 on
set static-route default nexthop gateway address 19.9.15.33 on

Read More

PTR bulk resolver in Perl to see what is in the name

There are 50 ways to do PTR resolving in bulk,and this is just one of them. It doesn’t pretend to be the fastest/coolest/best, the only thing
I can claim – it works. So use it for pleasure and work.


# Yuri
# 19.02.2013
# this script accepts range of IP addresses to do PTr resolving for
# the range has to be in this format: startIp-endIp.startIp-endIp.startIp-endIp.startIp-endIp.
# Only answers are printed, i.e. if there is no answer  nothing is printed
use warnings;
use strict;
use Net::DNS ;

my $res = Net::DNS::Resolver->new();
  my $input = shift ;
     $input =~ /(.+)-(.+)\.(.+)-(.+)\.(.+)-(.+)\.(.+)-(.+)/ ;
     print "Resolving ptrs for the following range: $input\n" ;
     print "Started working at: " . scalar gmtime . "\n" ;
     my ($oct1_start,$oct1_end,$oct2_start,$oct2_end,$oct3_start,$oct3_end,$oct4_start,$oct4_end) = ($1,$2,$3,$4,$5,$6,$7,$8) ;
 foreach my $oct1 ($oct1_start..$oct1_end) {
   foreach my $oct2 ($oct2_start..$oct2_end) {
     foreach my $oct3 ($oct3_start..$oct3_end) {
       foreach my $oct4 ($oct4_start..$oct4_end) {
   my $answer = $res->query("${oct1}.${oct2}.${oct3}.${oct4}") ;
 if (defined $answer) {
my @ptr = $answer->answer;
foreach my $record_ptr (@ptr) {
#print " NEw " . $record_ptr->print ;
 my $str = substr($record_ptr->string,rindex($record_ptr->string,'R')+1) ;
 print "$oct1.$oct2.$oct3.$oct4  "  . $str . "\n";
}

}
} } }}

  print "Run completed at: " . scalar gmtime . "\n" ;

Example run: #perl script.pl 194-194.90-90.33-33.0-255

Read More