tag:blogger.com,1999:blog-90147304710713713832024-03-06T06:21:24.895-03:00Check PointTroubleshooting e procedimentos relacionados a Firewall Check Point.Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.comBlogger21125tag:blogger.com,1999:blog-9014730471071371383.post-5188812498640261492015-01-08T14:19:00.001-02:002015-01-08T14:21:28.033-02:00Como verificar overlap de domínio de VPN<span style="font-family: Trebuchet MS, sans-serif;">Para verificar se algum domínio está em conflito com outro existe um comando para troubleshoot.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br />
Esse comando é executado no Firewall</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br />
*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br />
<br />
</span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br />
<br />
<span style="color: #262626; line-height: 16px;">#vpn overlap_encdom</span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br />
<span style="color: #262626; line-height: 16px;">*</span></span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-57082947778787390192014-06-30T10:17:00.001-03:002014-06-30T10:19:44.494-03:00Como verificar hotfix instalado.Para verificar os hotfixes instalados há um comando simples.<div><br></div><div>*</div><div><br></div><div>#cpinfo -y all</div><div><br></div><div>*</div>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-1511504049068415402013-12-09T17:41:00.002-02:002013-12-09T17:41:47.101-02:00Routing packets after removing policy<span style="font-family: Trebuchet MS, sans-serif;">After removing policy of the firewall with "fw unloadlocal" some packets are not routable.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">It's needed to change a value:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: 'Trebuchet MS', sans-serif;">*</span><br />
<br />
<a name='more'></a><br />
<span style="font-family: Trebuchet MS, sans-serif;">more /proc/sys/net/ipv4/ip_forward</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">echo 1 > /proc/sys/net/ipv4/ip_forward</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<br />Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-52499412718404629362013-12-09T17:38:00.003-02:002013-12-09T17:41:57.894-02:00Ativar roteamento no Firewall após remoção de políticas<span style="font-family: Trebuchet MS, sans-serif;">Quando criamos um ambiente de laboratório, muitas vezes utilizamos um Firewall para rotear o tráfego, porém, após executar o comando "fw unloadlocal" os pacotes não são roteados para seu destino.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">É necessário alterar um parametro.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: 'Trebuchet MS', sans-serif;">*</span>
<br />
<a name='more'></a><br />
<span style="font-family: Trebuchet MS, sans-serif;">more /proc/sys/net/ipv4/ip_forward</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">echo 1 > /proc/sys/net/ipv4/ip_forward</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Com isso o Firewall passará a transmitir os pacotes corretamente.</span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-46339081954547897752013-10-21T15:51:00.002-02:002013-10-21T15:52:30.880-02:00How to enable traffic on backup Firewall<span style="font-family: Trebuchet MS, sans-serif;">In a clustered environment, we cannot communicate directly to the backup Firewall, an example is: <b>ping</b> the backup Firewall.</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">To solve this problem we can run this command on both Firewalls.</span><span style="font-family: Trebuchet MS, sans-serif;"><br /><br />*</span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br />Run this command on all cluster members<br /># <span style="background-color: white;">fw ctl set int fwha_forw_packet_to_not_active 1</span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br />*<br />*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: 'Trebuchet MS', sans-serif;">To set the value permanently:</span><br />
<span style="font-family: 'Trebuchet MS', sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Edit the $FWDIR/boot/modules/fwkern.conf</span><span style="font-family: Trebuchet MS, sans-serif;">Include:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span><code><span style="font-family: Trebuchet MS, sans-serif;">parameter_name=value</span></code><br />
<code><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></code><span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;">Create the </span><code style="background-color: white;">$FWDIR/boot/modules/fwkern.conf</code><span style="background-color: white;"> file, if it does not exist. </span></span><span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;">The Security Gateway must be rebooted after any change in the </span><code style="background-color: white;">$FWDIR/boot/modules/fwkern.conf </code><span style="background-color: white;">file.</span></span><span style="font-family: Trebuchet MS, sans-serif;">*</span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-59277990020677907242013-10-21T15:43:00.000-02:002013-10-21T15:52:23.975-02:00Como liberar tráfego no Firewall backup em um Cluster<span style="font-family: Trebuchet MS, sans-serif;">Em um ambiente em Cluster, não conseguimos comunicação diretamente com o Firewall backup, um exemplo é o <b>ping</b> no Firewall backup.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para resolver esse problema podemos executar um comando nos Firewalls.<br /><br />*</span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br />Execute esse comando em todos os membros do Cluster:<br /># <span style="background-color: white;">fw ctl set int fwha_forw_packet_to_not_active 1</span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Esse comando não sobrevive a reboot, para isso é necessário adicionar o comando em um arquivo:<br />*<br />*</span><br />
<span style="font-family: 'Trebuchet MS', sans-serif;">Edite o arquivo</span><span style="font-family: 'Trebuchet MS', sans-serif;"> </span><code>$FWDIR/boot/modules/fwkern.conf.</code><span style="font-family: 'Trebuchet MS', sans-serif;">Adicione o comando: </span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /><code>parameter_name=value</code><br />Crie o arquivo caso não exista.<br />É necessário rebootar o Firewall após editar esse arquivo.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br />*<br /></span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-77903093067451566432013-09-20T11:01:00.000-03:002013-09-20T11:09:58.426-03:00Como verificar tabela de conexões dos Firewalls<span style="font-family: Trebuchet MS, sans-serif;">Uma forma de verificar se os Firewalls em um Cluster estão sincronizados, é utilizar o comando:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">[Expert@fwm]# fw tab -t connections -s</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Geralmente abrimos duas conexões SSH nos Firewalls e executamos o comando individualmente.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Um jeito mais prático é executar o comando pela Manager direcionado aos dois Firewalls.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">[Expert@fwm]# fw tab -t connections -s fw1 fw2</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">HOST NAME ID #VALS #PEAK #SLINKS</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">fw1 connections 58 137867 250322 508451</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">fw2 connections 8158 137560 250310 507258</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: 'Trebuchet MS', sans-serif;">*</span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-20040149056835087482013-09-17T01:02:00.000-03:002013-09-19T16:19:16.714-03:00How To Convert Hex to Decimals Using BashWhen you're troubleshooting Check Point kernel tables (by using 'fw tab') sometimes the -f parameter is not available to format the output, usually from hex to decimal format. Which makes your life very difficult if you're already addicted to the -f flag.<br />
<br />
So if you're not familiar or willing to convert in your head hex to decimal. Or you don't want to open the Windows calculator in the Programmer's view or even don't have that available, bash can help you out. You can easily convert from hex to decimal and the other way aroung using the printf command. See below:<br />
<br />
<a name='more'></a><br /><br />
By using the %x the output of 254 is 'fe' which is the equivalent in hex.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbAcFfTl0zKQ5u7-4wYCWNiy2Mg0Fg9YB6K1kcE_bcIA6L7RdGMWV9Au7L0fajM_817yd6M3MOKECk7Wb1Lvu7DHL7xyxfdPfQAdtTL6gClKssvzmu1w2lDNmjwOp6t0_V4UEMt2TA4Ah7/s1600/blog1.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbAcFfTl0zKQ5u7-4wYCWNiy2Mg0Fg9YB6K1kcE_bcIA6L7RdGMWV9Au7L0fajM_817yd6M3MOKECk7Wb1Lvu7DHL7xyxfdPfQAdtTL6gClKssvzmu1w2lDNmjwOp6t0_V4UEMt2TA4Ah7/s1600/blog1.PNG" /></a> <br />
<br />
<br />
<br />
The %d does the opposite, converting from hex to decimal.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvWIkgL18eYXcPZ4gneYyCKI6eF4fbOIX3nLu0wfhCWmNlb-itTPK4bOfb9sRm6KQcNwd0Ppc8lx6sZcvN33J7ntfBk5rwTPJIn69J4htbyQXD5T4PVa5pkfPClDUPYH15B5cDVbOOO_qn/s1600/blog2.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvWIkgL18eYXcPZ4gneYyCKI6eF4fbOIX3nLu0wfhCWmNlb-itTPK4bOfb9sRm6KQcNwd0Ppc8lx6sZcvN33J7ntfBk5rwTPJIn69J4htbyQXD5T4PVa5pkfPClDUPYH15B5cDVbOOO_qn/s1600/blog2.PNG" /></a></div>
<br />
<br />
<br />
<br />
Note that in this case you need to provide the 0x before the hex value. Also note that there is a ton of ways of achieving the same result. This is just one of them and that happens to work in any Secure Platform, Gaia or Linux deployment with Check Point.Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-43202621005312472292013-09-17T00:20:00.000-03:002013-09-19T08:38:35.138-03:00How To Temporarily Disable Gaia's Bash Time Out<span class="" id="result_box" lang="en"><span class="hps">For Check Point system administrators</span> used <span class="hps">to </span><span class="hps">SecurePlatform</span> way to <span class="hps">disable</span> <span class="hps">bash time out,</span><span class="hps"> Gaia</span> <span class="hps">sometimes</span> <span class="hps">can be tricky.</span> <span class="hps">Just because the </span><span class="hps">'idle</span>' </span><span class="" id="result_box" lang="en"><span class="" id="result_box" lang="en"><span class="hps">command</span> <span class="hps"></span></span> <span class="hps">simply does not exist</span> <span class="hps">in</span> G<span class="hps">aia</span>'s </span><span class="" id="result_box" lang="en"><span class="" id="result_box" lang="en"><span class="hps">bash</span><span class="hps"></span></span>.<br /><br /><span class="hps">To</span> <span class="hps">temporarily</span> <span class="hps">disable the</span> bash's <span class="hps">time-out</span> <span class="hps"></span><span class="hps">in</span> <span class="hps">Gaia</span> <span class="hps">you</span> basically unset <span class="hps">the environment variable</span> <span class="hps">responsible for</span> <span class="hps">this function</span> <span class="hps">using</span> <span class="hps atn">the command '</span>unset' <span class="hps atn">(</span>see <span class="hps">image below)</span>.</span><br />
<a name='more'></a><span class="" id="result_box" lang="en"><br /><span class="hps">Note</span> <span class="hps">in the screenshot below</span> <span class="hps">that the</span> default <span class="hps">timeout</span> is <span class="hps">600 seconds</span> <span class="hps">or 10 minutes</span><span class="">.</span></span><br />
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyujGwovMeplLT_OtSXU7j5LgS0GxasFLuTy9ZyM2zz1gBAJwtALpDfgK84KlcDNKflc-CiiehaXIOU6CKr8GK57nl3VfrbBMTwPz58CLTE1PWYY2b_DjHJTlFOWTUEGJWi9viuzThHIbT/s1600/blog.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyujGwovMeplLT_OtSXU7j5LgS0GxasFLuTy9ZyM2zz1gBAJwtALpDfgK84KlcDNKflc-CiiehaXIOU6CKr8GK57nl3VfrbBMTwPz58CLTE1PWYY2b_DjHJTlFOWTUEGJWi9viuzThHIbT/s1600/blog.PNG" /></a></div>
<br />
<span class="" id="result_box" lang="en"><span class="hps">This procedure</span> <span class="hps">is</span> <span class="hps">recommended during</span> <span class="hps">troubleshooting sessions</span> <span class="hps">and / or</span> <span class="hps">data collection for</span> <span class="hps">debug</span> purposes <span class="hps">where </span><span class="hps">it's</span> <span class="hps">undesirable that</span> <span class="hps">the shell kicks you off.</span><br /><br /><span class="hps">From the</span> <span class="hps">practical point of view</span> <span class="hps">it is also possible to</span> <span class="hps">configure </span><span class="hps">Gaia</span> so<span class="hps"> that</span> <span class="hps">variable</span> <span class="hps">is never</span> <span class="hps atn">set,</span> disabling completely the<span class="hps"> </span><span class="hps">automatic</span> <span class="hps">log</span> <span class="hps">off feature</span><span class="hps"></span>. <span class="hps">Although</span> <span class="hps">from the security point of view</span> <span class="hps"></span><span class="hps">this is <b>highly</b> not recommended</span>.</span>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-46938939116536785332013-09-09T11:05:00.001-03:002013-09-17T15:45:58.204-03:00Como calcular IP no Check Point<span style="font-family: Trebuchet MS, sans-serif;">Uma ferramenta muito útil que funciona em Checkpoint para calcular um IP, caso não queira ficar calculando de cabeça.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipgl0RXo-naIuKOu0ZufMWfpf5X5pvHS_tmVjMC769F5iLI4_ohGU4vi1Cyf8N7qGmjEk0TLrCt1-IHnTbPibEvOjvgqlBeF4vdg_uMyQlb3lsaoTdTjYfhEmx5KMB7ZhkkHoCYm5u5T0/s1600/ipcalc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Trebuchet MS, sans-serif;"><img border="0" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipgl0RXo-naIuKOu0ZufMWfpf5X5pvHS_tmVjMC769F5iLI4_ohGU4vi1Cyf8N7qGmjEk0TLrCt1-IHnTbPibEvOjvgqlBeF4vdg_uMyQlb3lsaoTdTjYfhEmx5KMB7ZhkkHoCYm5u5T0/s320/ipcalc.png" width="320" /></span></a></div>
<span style="font-family: Trebuchet MS, sans-serif;">Funciona em Splat e GAIA.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Exemplo:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># ipcalc -bnm x.x.x.x/yy</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-48047445483727101552013-08-27T15:00:00.003-03:002013-09-17T15:45:58.206-03:00Como alterar o idioma do teclado<span style="font-family: Trebuchet MS, sans-serif;">Muitas vezes ao instalar um Sistema Operacional acabamos escolhendo o idioma errado do teclado, podendo atrapalhar ao digitar alguns comandos.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Segue um procedimento para alterar o idioma:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"><b>Secure Platform </b></span><br />
<br />
<a name='more'></a><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># expert</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"># vi /etc/sysconfig/keyboard</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Altere o idioma em KEYTABLE</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;">KEYBOARDTYPE="pc" </span><br style="background-color: white;" /><span style="background-color: white;">KEYTABLE="br-abnt2"</span></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">Salve o novo arquivo.</span></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"># reboot</span></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">*</span></span><br />
<span style="background-color: white;"><u><span style="font-family: Trebuchet MS, sans-serif;"> </span></u></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><b>GAIA</b></span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">*</span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"># expert</span></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"># dbset keyboard:mapping <nome do layout></span></span><br />
<span style="background-color: white; font-family: 'Trebuchet MS', sans-serif;">#</span><span style="font-family: Trebuchet MS, sans-serif;"><code><span style="white-space: pre;"> </span></code><span style="background-color: white;">dbset :save</span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;"># </span><span style="background-color: white;">/bin/kbd_map_xlate keyboard:mapping < /config/active</span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;"># reboot</span></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">*</span></span><br />
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span>
<br />
<table align="left" border="0" style="background-color: white; color: black; margin-left: auto; margin-right: auto;"><tbody>
<tr><td><strong><span style="font-family: Trebuchet MS, sans-serif;">Keyboard Layout Name</span></strong></td><td><strong><span style="font-family: Trebuchet MS, sans-serif;"> Language</span></strong></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> be-latin1</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Belgian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> bg</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Bulgarian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> br-abnt2</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Brazilian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> cf</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Central African Republic</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> cz-lat2</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Czechoslovakian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> de</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> German</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> dvorak</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Dvorák</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> dk</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Danish</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> et</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Estonian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> fi</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Finnish</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> fr</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> French</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> fr_CH</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Swiss French</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> sg</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Swiss German</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> hu</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Hungarian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> is-latin1</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Icelandic</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> it</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Italian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> jp106</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Japanese</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> no</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Norwegian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> pl</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Polish</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> pt-latin1</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Portuguese</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> ru</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Russian</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> es</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Spanish</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> se-latin1</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Swedish</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> trq</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Turkish</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> uk</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> Great Britain</span></td></tr>
<tr><td><span style="font-family: Trebuchet MS, sans-serif;"> us</span></td><td><span style="font-family: Trebuchet MS, sans-serif;"> US</span></td></tr>
</tbody></table>
Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-9670605708134374262013-08-19T15:15:00.003-03:002013-09-17T15:45:58.222-03:00Como editar um arquivo<span style="font-family: Trebuchet MS, sans-serif;">Muitos problemas relacionados a Firewall é necessário alterar um arquivo, um exemplo a tabela arp (local.arp)</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para isso, usamos um editor chamado "vi"</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para utilizar:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># vi nome_do_arquivo</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para passar para o modo comando pressione ESC.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Comandos basicos de insercao de texto:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span><br />
<span style="font-family: Trebuchet MS, sans-serif;">i<span class="Apple-tab-span" style="white-space: pre;"> </span>Insere texto antes do cursor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">a<span class="Apple-tab-span" style="white-space: pre;"> </span>Insere texto depois do cursor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">r<span class="Apple-tab-span" style="white-space: pre;"> </span>Insere texto no início da linha onde se encontra o cursor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">A<span class="Apple-tab-span" style="white-space: pre;"> </span>Insere texto no final da linha onde se encontra o cursor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">o<span class="Apple-tab-span" style="white-space: pre;"> </span>Adiciona linha abaixo da linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">O<span class="Apple-tab-span" style="white-space: pre;"> </span>Adiciona linha acima da linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Ctrl + h<span class="Apple-tab-span" style="white-space: pre;"> </span>Apaga o ultimo caracter</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Comandos basicos de movimentacao:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Ctrl+f<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a proxima tela</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Ctrl+b<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a tela anterior</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">H<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a primeira linha da tela</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">M<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o meio da tela</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">L<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a ultima linha da tela</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">h<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor um caracter a esquerda</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">j<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a proxima linha</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">k<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para linha anterior</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">l<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor um caracter a direita</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">w<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o inicio da proxima palavra (Ignora a pontuacao)</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">W<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o inicio da proxima palavra (Nao ignora a pontuacao)</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">b<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o inicio da palavra anterior (Ignora a pontuacao)</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">B<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o inicio da palavra anterior (Nao ignora a pontuacao</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">0<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o inicio da linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">^<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o primeiro caracter nao branco da linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">$<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para o final da linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">nG<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a linha n</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">G<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a ultima linha do arquivo</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Comandos basicos para localizar texto:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">/palavra<span class="Apple-tab-span" style="white-space: pre;"> </span>Busca pela palavra ou caracter em todo o texto</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">?palavra<span class="Apple-tab-span" style="white-space: pre;"> </span>Move o cursor para a ocorrencia anterior da palavra</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">n<span class="Apple-tab-span" style="white-space: pre;"> </span>Repete o ultimo comando / ou ?</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">N<span class="Apple-tab-span" style="white-space: pre;"> </span>Repete o ultimo comando / ou ? , na direcao reversa</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Ctrl+g<span class="Apple-tab-span" style="white-space: pre;"> </span>Mostra o nome do arquivo, o numero da linha corrente e o total de linhas</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Comandos basicos para alteracao de texto:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">x<span class="Apple-tab-span" style="white-space: pre;"> </span>Deleta o caracter que esta sob o cursor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">dw<span class="Apple-tab-span" style="white-space: pre;"> </span>Deleta a palavra, da posicao atual do cursor ate o final</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">dd<span class="Apple-tab-span" style="white-space: pre;"> </span>Deleta a linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">D<span class="Apple-tab-span" style="white-space: pre;"> </span>Deleta a linha a partir da posicao atual do cursor ate o final</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">rx<span class="Apple-tab-span" style="white-space: pre;"> </span>Substitui o caracter sob o cursor pelo especificado em x(é opcional indicar o caracter)</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Rx<span class="Apple-tab-span" style="white-space: pre;"> </span>Substitui a palavra sob o cursor pela palavra indicada em x</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">u<span class="Apple-tab-span" style="white-space: pre;"> </span>Desfaz a ultima modificacao</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">U<span class="Apple-tab-span" style="white-space: pre;"> </span>Desfaz todas as modificacoes feitas na linha atual</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">J<span class="Apple-tab-span" style="white-space: pre;"> </span>Une a linha corrente a proxima</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">s:/palavra1/palavra2<span class="Apple-tab-span" style="white-space: pre;"> </span>Substitui a primeira ocorrencia de "palavra1" por "palavra2"</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Comandos para salvar o texto:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">:wq<span class="Apple-tab-span" style="white-space: pre;"> </span>Salva o arquivo e sai do editor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">:w nome_do_arquivo<span class="Apple-tab-span" style="white-space: pre;"> </span>Salva o arquivo corrente com o nome especificado</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">:w! nome_do_arquivo<span class="Apple-tab-span" style="white-space: pre;"> </span>Salva o arquivo corrente no arquivo especificado</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">:q<span class="Apple-tab-span" style="white-space: pre;"> </span>Sai do editor</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">:q!<span class="Apple-tab-span" style="white-space: pre;"> </span>Sai do editor sem salvar as alteracoes realizadas</span><br />
<div>
<br /></div>
Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-82011400380010006552013-08-07T16:56:00.000-03:002013-09-17T15:45:58.220-03:00Como desabilitar "Active Mode" do Smartview Tracker<span style="font-family: Trebuchet MS, sans-serif;">Active Connections é uma opção do Smartview Tracker que é possível visualizar as conexões ativas no Firewall em tempo real.</span><div>
<span style="font-family: Trebuchet MS, sans-serif;">O uso dela pode aumentar a CPU e até chegar em 100%.</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiI7I3HOluAoT1FWUCOS16-2IjatFInQI1B1gfW7seWCGycFmLY1Gz2sJaUGTVw2tFaKiI_3FRpIKmm7Zd0RUuuPGu8H7J1KfQavBQe8Og3Q2yborx6XC88yDF9JfmFiM9MomXd9N2PKMg/s1600/active+mode.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Trebuchet MS, sans-serif;"><img border="0" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiI7I3HOluAoT1FWUCOS16-2IjatFInQI1B1gfW7seWCGycFmLY1Gz2sJaUGTVw2tFaKiI_3FRpIKmm7Zd0RUuuPGu8H7J1KfQavBQe8Og3Q2yborx6XC88yDF9JfmFiM9MomXd9N2PKMg/s320/active+mode.png" width="320" /></span></a></div>
<div>
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Para desabilitar essa opção:</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">*</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">No Windows:</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Vá ao diretório <span style="line-height: 115%;">C:\Program Files
(x86)\CheckPoint\SmartConsole\R65\PROGRAM\GuiDBedit.exe</span></span></div>
<div>
<span style="line-height: 115%;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div>
<span style="line-height: 115%;"><span style="font-family: Trebuchet MS, sans-serif;">Edite o campo conforme a imagem abaixo</span></span></div>
<div>
<span style="line-height: 115%;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm2Fqn2IKc8dxF4UKhd2lSqLrVrK8Fn0bpLcbreHW1OfY6IGesvHtte1iUW-MiEnMUXLa4l6J4Y83KNJQcS1_h80QPzOr-XF2jsNyRTydizthABYaK1HOU_pZMkmbnoH9qfxC5hrassBQ/s1600/disable_active_conn.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Trebuchet MS, sans-serif;"><img border="0" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm2Fqn2IKc8dxF4UKhd2lSqLrVrK8Fn0bpLcbreHW1OfY6IGesvHtte1iUW-MiEnMUXLa4l6J4Y83KNJQcS1_h80QPzOr-XF2jsNyRTydizthABYaK1HOU_pZMkmbnoH9qfxC5hrassBQ/s400/disable_active_conn.png" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">Salve as alterações. File > Save all</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">Feche o Smartview Tracker.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">Abra o Smartdashboard.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">Vá em Policy > Install Database.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">Policy > Install Policy</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">Na Manager (Management Server):</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"># cpstop</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"># cpstart</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Trebuchet MS, sans-serif;">*</span></div>
<span style="font-family: 'Tms Rmn', serif; font-size: 12pt; line-height: 115%;"></span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com1tag:blogger.com,1999:blog-9014730471071371383.post-19847798254253041402013-08-05T16:32:00.000-03:002013-09-17T15:45:58.202-03:00Como utilizar mais de um Cluster na mesma rede<span style="font-family: Trebuchet MS, sans-serif;">Utilizar mais de um Cluster na mesma rede e ter problemas com o funcionamento é comum, como:</span><div>
<span style="font-family: Trebuchet MS, sans-serif;">Chaveamento automático</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Status em <b>Ready </b>ao executar o comando cphaprob state.</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span><div>
<span style="font-family: Trebuchet MS, sans-serif;">Os pacotes CCP (Cluster Control Protocol) que são enviados entre os membros do mesmo Cluster são recebidos por outro Cluster e ocorre tal problema.</span></div>
</div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Uma das possíveis soluções:</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><a name='more'></a><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">*</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Para verificar os valores configurados</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># expert</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># fw ctl get int fwha_mac_magic</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># fw ctl get int fwha_mac_forward_magic</span></div>
<div>
<br /></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">Os valores padrão são:</span></span></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><span style="background-color: white;"># </span><span style="background-color: white;">fwha_mac_magic = 254</span></span></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"># fwha_mac_forward_magic = 253</span></span></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">Para alterar:</span></span></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># expert</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># fw ctl set int fwha_mac_magic 50</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># fw ctl set int fwha_mac_forward_magic 51</span></div>
</div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div>
<span style="background-color: white;"><span style="font-family: Trebuchet MS, sans-serif;">*</span></span></div>
<div>
<span style="background-color: white; font-family: Verdana, Geneva, Arial, Helvetica, sans-serif; font-size: 11.818181991577148px;"><br /></span></div>
Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-13807511001342760712013-08-02T09:37:00.002-03:002013-09-17T15:45:58.200-03:00Como montar .ISO no SPLAT<span style="font-family: Trebuchet MS, sans-serif;">Esse procedimento funciona em Splat (Secure Platform).</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># mount -o loop ./Checkpoint_image.iso /mnt/cdrom</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Caso apareça que a pasta de destino não existe:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># mkdir -p /mnt/cdrom</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-50996689817131798342013-08-01T13:47:00.002-03:002013-09-17T15:45:58.208-03:00Alterar diretório padrão de Logs<span style="font-family: Trebuchet MS, sans-serif;">Segue um procedimento para alterar o diretório padrão de Logs na Manager (Security Management Server).</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Procedimento funciona para Splat, Gaia, IPSO.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span><br />
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># cpstop</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"># mkdir -v -p /nome_do_diretorio</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"># mv $FWDIR/log $FWDIR/log_original</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"># ln -s /nome_do_diretorio $FWDIR/log</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"># cpstart</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para verificar se foi criado corretamente:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># ls -l /nome_do_diretorio</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-74385002036611508552013-07-31T12:50:00.001-03:002013-09-17T15:45:58.217-03:00Como montar Pen Drive<span style="font-family: Trebuchet MS, sans-serif;">Para montar um Pen Drive no Splat (Secure Platform):</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Em modo Expert</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># mkdir /mnt/usb</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># modprobe usb-storage</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"># dmesg (para verificar como o USB foi reconhecido)</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"> Procure pela linha que comece com:<span style="background-color: white;"> </span><code style="background-color: white;">SCSI device</code><span style="background-color: white;">.</span><span style="background-color: white;"> </span></span><br />
<span style="font-family: Trebuchet MS, sans-serif;"> Um exemplo: <code style="background-color: white;">SCSI device sdb: ...</code><span style="background-color: white;"> </span><br style="background-color: white;" /> Algumas linhas abaixo deverá ter uma linha como essa: <code style="background-color: white;">sdb: sdb1</code><span style="background-color: white;"> </span></span><br />
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Anote essa partição "sdb1"</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">#mount -t vfat /dev/sdb1 /mnt/usb</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Para desmontar:</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"># umount /mnt/usb</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">*</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">Obs.: 1. Para desmontar é necessário estar em uma pasta diferente da "/mnt/usb"</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"> 2. Só é possível executar "modprobe usb-storage" após ter executado "<i>sysconfig</i>".</span></div>
Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-57383774989462832832013-07-31T12:27:00.001-03:002013-09-17T15:45:58.210-03:00Como montar CD-ROM externo<span style="font-family: Trebuchet MS, sans-serif;">Alguns appliances possuem entrada USB, possibilitando o uso de um driver de CD externo.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para isso é necessário montar o driver.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Segue o procedimento:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">modprobe usb-uhci</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">modprobe usb-storage</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">mkdir -p /mnt/cdrom</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">mount /dev/scd0 /mnt/cdrom</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span>Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-58692099266203067732013-07-30T15:25:00.003-03:002013-10-02T11:47:00.339-03:00Habilitar SCP no SPLAT<span style="font-family: Trebuchet MS, sans-serif;">Muitas vezes quando tentamos acessar o Splat (Secure Platform) pelo WinSCP, recebemos a seguinte mensagem de erro:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6QTTeqNii3WFGxJ5tVJU0KDqnzGWeK2ENFPQEqD7fFEbCyG3x5_XU9cCOG8oWBxG4E-wL1Hzz-YWjcBRbuZvNx-EWpe09FMSUWpMMMMEMMTZ94IPPuqi5qAbwGcrb6hq8d98iShMPswE/s1600/QsD5t-1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Trebuchet MS, sans-serif;"><img border="0" height="177" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6QTTeqNii3WFGxJ5tVJU0KDqnzGWeK2ENFPQEqD7fFEbCyG3x5_XU9cCOG8oWBxG4E-wL1Hzz-YWjcBRbuZvNx-EWpe09FMSUWpMMMMEMMTZ94IPPuqi5qAbwGcrb6hq8d98iShMPswE/s400/QsD5t-1.jpg" width="400" /></span></a></div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Para solucionar esse problema:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Edite com o vi /etc/passwd</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Altere de "cpshell"para "bash no final da linha que consta o usuário.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">user1:x:0:0::/home/user1:/bin/bash</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">Edite com vi /etc/group</span><br />
<span style="font-family: Trebuchet MS, sans-serif;">Adicione o usuário para o grupo root.</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;">root:x:0:root,user1</span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">*</span><br />
_________________________________________<br />
<br />
*<br />
<br />
Em expert:<br />
<br />
chsh -s /bin/bash user1<br />
<br />
*Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-76912795441251994072013-07-30T14:23:00.002-03:002013-09-17T15:45:58.218-03:00Configuração TACACS<span style="font-family: Trebuchet MS, sans-serif;">Abaixo segue um script criado para configurar autenticação por TACACS.</span><br />
<div>
<span style="font-family: Trebuchet MS, sans-serif;"></span><br />
<a name='more'></a><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;">O script funciona apenas em IPSO.</span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><a href="http://pt.scribd.com/doc/157029342/Script-TACACS" target="_blank">script_TACACS</a></span><br />
<br />
<span style="font-family: Trebuchet MS, sans-serif;">Crie um arquivo dentro do IPSO ou transfira o script e converta para Unix com o seguinte comando:</span><br />
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span>
<span style="font-family: Trebuchet MS, sans-serif;"><b>tr -d '\r' < script_TACACS.sh > script_TACACS2</b></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com0tag:blogger.com,1999:blog-9014730471071371383.post-71227085487079690552013-07-30T13:26:00.001-03:002013-09-17T15:45:58.215-03:00InauguraçãoInicio do blog focado em troubleshooting e procedimentos que realizei, compartilhando idéias.Rafael Apolináriohttp://www.blogger.com/profile/07265247691440297085noreply@blogger.com2