I have actually seen documentation where it is possible to get the objects from
the firewall module.
When the policy is installed, the SmartCenter server creates an inspect script
which is sent to the
firewall module. In addition to this, the objects_5_0.C file is made into an
objects.C file and sent
along with the inspection script. It should be possible to take this file, use
the object dumper
utility to dump the objects out to a CSV file, and then use the object filler
utility to import the
objects. This could be very beneficial depending on the number of objects and
rules that would need to
be recreated.
I know the beta version also has support for rules, but I am not sure what
files/how this is done. It
would be best to look through the documentation of these tools to see if there
may be a way to get
this information as well.
Christopher Hoff
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On
Behalf Of Gary Scott
Sent: Wednesday, November 22, 2006 10:21 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] RES: [FW-1] Crash of SmartCenter Server in ClusterXL
environment.
Unfortunately using any files from a FW module to recover the smartcenter
server will not work. Object
filler, the directories listed below, upgrade_export or other backup methods
could be used if using
this from the manager. If you have lost your manager and have no backup I am
afraid you are between a
rock and a hard place. If you had a cpinfo from the manager this could be very
helpful in the
recreation of the manager.
-GS
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On
Behalf Of Hoff, Chris (Fort Wayne)
Sent: Wednesday, November 22, 2006 9:36 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] RES: [FW-1] Crash of SmartCenter Server in ClusterXL
environment.
Restoring these directories from a firewall module should NOT work. The only
thing I have seen that
may work is a tool called object filler (actually you would need to use the
object dumper tool that is
part of the same package). The beta version has the ability to work with rules.
You should check it
out:
http://ofiller.chatscope.com
or
http://www.lindercentral.com/ofiller
or
http://www.cpug.org/check_point_resources.htm
Christopher Hoff
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On
Behalf Of Oswaldo Silva Junior
Sent: Tuesday, November 21, 2006 2:17 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] RES: [FW-1] Crash of SmartCenter Server in ClusterXL
environment.
Hi,
Even without knowing your SmartCenter operating system, I believe if you could
restore this
directories below, perhaps you'll be able to rebuild your SmartCenter:
$FWDIR/conf
$FWDIR/database
$FWDIR/lib
Best regards,
Jr.
-----Mensagem original-----
De: Levent Yildirmak [mailto:Levent.Yildirmak AT BANKEUROPA DOT COM]
Enviada em: terça-feira, 21 de novembro de 2006 11:48
Para: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Assunto: [FW-1] Crash of SmartCenter Server in ClusterXL environment.
Hi,
Is there a way to regenerate objects and rules from Firewall modules in
order to bring the smartcenter management server back to operation ?
Unfortunatelly there is no backup.
I very much appreciate for any comments.
Thanks.
Levent YILDIRMAK
UYARI :Bu e-mail iletisi ve ekleri, sadece adreste belirtilen kisi veya
kurulusa gonderilmis olup,
icerigi ve eklerinde yer alan bilgiler kisiye ozel ve gizlidir. Iletiyi alan
sahis, iletinin
gonderilmek istendigi kisi veya kurulus degilse, bu iletiyi yaymasi, dagitmasi
veya kopyalamasi
yasaktir. BankEuropa bu mesajin icerigi ve ekleri ile ilgili olarak hukuksal
hicbir sorumluluk kabul
etmez. Internet ortaminda gonderilen e-mail iletisindeki hata ve/veya
eksikliklerden veya viruslerden
dolayi mesajin gondericisi hicbir sorumluluk kabul etmemektedir. Ileti
tarafiniza yanlislikla ulasmis
ise gonderene derhal bilgi vermenizi ve orijinal iletiyi yukarida belirtilmis
olan adrese geri
gondermenizi ve ardindan da imha etmenizi rica ederiz.
DISCLAIMER :This message and attachments are confidential and private; they are
intended only for the
use of the individual or entity to which they are addressed. If you are not the
intended recipient or
entity of this message, you are hereby notified that any further dissemination,
distribution or
copying of this information is strictly prohibited. BankEuropa doesn't accept
any legal responsibility
for the contents and attachments of this message. The sender does not accept
any liability for any
errors or omissions or any viruses in the context of this message which arise
as a result of internet
transmission. If you have received this message in error, please notify the
sender immediately and
return the original message to the sender's address and destroy afterwards.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
