How to query TCP/UDP ports

[jeetu_chaudhari]

Hi all ,

I am very new to check point.
can anyone help me for following doubt.

I want to know how i can query TCP or UDP port like we do for querying object or query rule in smart dash board. ?
for example if i want to know where TCP port 4595 is used how i can do this ?

[BarryStiefel]

Quote:

Originally Posted by jeetu_chaudhari

Hi all ,

I am very new to check point.
can anyone help me for following doubt.

I want to know how i can query TCP or UDP port like we do for querying object or query rule in smart dash board. ?
for example if i want to know where TCP port 4595 is used how i can do this ?

Create a service object for that port, then mask the service element in your rule base to hide all rules that don't involve that service.

[Sergej]

Select object you like (the Object must already exist for the port), Right-Click and select where used. The table will show all rules this object is used.

[BarryStiefel]

Quote:

Originally Posted by Sergej

Select object you like (the Object must already exist for the port), Right-Click and select where used. The table will show all rules this object is used.

Oooh, even better!

[jeetu_chaudhari]

Thanks for input.
but,
see , i dont want to query rule that is based on objects created.
i just simply want to query only port.
say for example i want to know where TCP port 4565 is used ? how i can search in dashboard ?

[Sergej]

Checkpoint is dealing with objects only. Object are everywhere. You can not put port number or IP address directly to a rules (with a small exceptions).

So you can:
1) Create a temporary service object for a port e.g. jeetu_port, put number 4565 inside and use "where used" to find where the object is used. It is possible that the service object is already created for a mentioned port. Click and use "where used" on the existing object.
2) (expert) Use web visualization tool to export rulebase to a HTML. Use find and other tools to play with rules.