2006-10-24, 12:17
We're running CheckPoint NGX HFA02.

If we check "Create new database version upon Install Policy Operation", can we create a script in our SmartCenter Server (SPLat) to delete directories under $FWDIR/conf/db_versions/repository/ so that only, say, five database versions are saved, and use cron to schedule the script to run regularly? Will this method of cleaning up old database versions do any harm, or must these versions be deleted manually? Is there a better way to maintain the database versions?

2006-12-04, 11:59
It's not going to harm anything, but the versioning_db.fws file will get out of date.

You could look into the dbver command. ($FWDIR/bin/dbver -help). It's documented in the CLI PDF.

2009-04-01, 12:06
Picking up an old thread, but I just had to do with it, so I though why not to share it with you...

dbver -s $i -c $cert -w $pw -m create revision-$dat Autorevision

VersionArray=(`dbver -s ${i} -c ${cert} -w ${pw} -m print_all | grep -i "Version Id:" | sed -e 's/Version Id: //g'`)
for ((j=0; j < ${#VersionArray[@]} - 10; j++))
dbver -s ${i} -c ${cert} -w ${pw} -m delete ${VersionArray[j]}

Using crontab, we run this script once a week to make automatic checkpoint, while in the for-loop, we make sure to just keep the last 10 versions (- 10)