 | ||
 How do I edit objects.C or objects_5_0.C properly? | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2005-08-12 | |||
| |||
 How do I edit objects.C or objects_5_0.C properly? How do I edit objects.C or objects_5_0.C properly? Editing objects.C is a lot more successful when there are no GUI clients (fwpolicy, fwlog, fwstatus) running against the management console. You can ensure that this is the case by killing the 'fwm' process using the command cpwd_admin stop -name FWM in NG or fw kill fwm in 4.1 and earlier. You can restart it by typing cpwd_admin start -name FWM in NG or fw fwm in 4.1. You should also remove objects.C.sav and objects.C.bak since if they have a more recent timestamp than objects.C, FireWall-1 will replace objects.C with one of these files. If your management console is on Windows, then make sure you use DOS edit or Wordpad. Do not use notepad! Check Point generally recommends you fwstop or cpstop your management console when applying manual changes to objects.C, then typing fwstart or cpstart. All changes to objects.C generally require re-installing the policy for them to take effect. In NG, it is generally recommended that you use a utility called dbedit to edit the objects_5_0.C file. A graphical version of this utility called GUIdbedit is also available from Check Point's site. If your management console is on a Nokia platform and you are using a version of NG prior to FP3, dbedit is known to be unstable and should not be used. In these cases, use GUIdbedit or manually edit the file. An example of using dbedit is provided below. c:> dbeditEnter Server name (ENTER for 'localhost'): 10.0.0.16Enter User Name: dwelchEnter User Password: abc123Please enter a command, -h for help or -q to quit:dbedit> modify properties firewall_properties nat_dst_client_side_manual truedbedit> update properties firewall_properties firewall_properties updated successfully.dbedit> quitAlternatively, you may wish to use the Check Point Database Tool (guidbedit), available from the Check Point Utilities Download Page.-- Main.PhoneBoy - 30 Dec 2003 FAQForm FAQs.Class: MiscellaneousFAQs OperatingSystem?: FAQs.Version:  |
| 2005-11-24 | |||
| |||
| Re: How do I edit objects.C or objects_5_0.C properly? Hi, I cant edit the objects_5_0.c to add a post_connect _script into SecureClient VPN. I have tried to change the objects_5_0.c in order to get a post_connect_script to run after successfull vpn connection. I run cpstop, edit the objects_5_0.c file with dbedit - post_connect_script (c:\blabla.bat). The change is applied to the file. I run cpstart. I open the smart dashboard an reinstall the policy. I use the SecureClient packaging tool and create an install package (connect mode). I create a new site in the SecureClient an connect to our FW1. The policy gets uppdated. But ther is no sign of the post_connect script Did i miss something ? Tried to follow the post "How do I edit Objects_5_0.c properly" Regards HotDog |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
