CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 4 of 4

Thread: dbedit rule id syntax

  1. #1
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default dbedit rule id syntax

    Does anyone know how the logic behind rule id of a dbedit script for adding/removing objects from src/dst of rules?

    If i try to add/edit rule 119 as shown in dashboard the changes go in 103 (or around there). I'm guessing somehow disabled rules and / or comments change the dbedit rule number but i haven't wrapped my head around it yet.
    Last edited by jflemingeds; 2017-12-12 at 15:57. Reason: make that a little more clear

  2. #2
    Join Date
    2007-03-30
    Location
    DFW, TX
    Posts
    309
    Rep Power
    13

    Default Re: dbedit rule id syntax

    Quote Originally Posted by jflemingeds View Post
    Does anyone know how the logic behind rule id of a dbedit script for adding/removing objects from src/dst of rules?

    If i try to add/edit rule 119 as shown in dashboard the changes go in 103 (or around there). I'm guessing somehow disabled rules and / or comments change the dbedit rule number but i haven't wrapped my head around it yet.
    Rule headers are a special class of rule. Not sure if that could explain 16 missing rules. How many implied rules do you have enabled?
    Zimmie

  3. #3
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default Re: dbedit rule id syntax

    Quote Originally Posted by Bob_Zimmerman View Post
    Rule headers are a special class of rule. Not sure if that could explain 16 missing rules. How many implied rules do you have enabled?
    9 rule headers. Difference right now is 16 (or 15 i'm guessing rule base is off by 1?) I have 1 disabled rule as well. Still not enough. :/

    implied rules blasts ways past that number.

  4. #4
    Join Date
    2007-03-30
    Location
    DFW, TX
    Posts
    309
    Rep Power
    13

    Default Re: dbedit rule id syntax

    Quote Originally Posted by jflemingeds View Post
    9 rule headers. Difference right now is 16 (or 15 i'm guessing rule base is off by 1?) I have 1 disabled rule as well. Still not enough. :/

    implied rules blasts ways past that number.
    Disabled rules definitely count in both. The rule doesn't just disappear. Maybe take a look at the rulebases_5_0.fws file directly?
    Zimmie

Similar Threads

  1. eth_set syntax
    By alesterbr in forum Miscellaneous
    Replies: 3
    Last Post: 2010-03-19, 09:56
  2. Create Rule - DBEDIT
    By pviana in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 1
    Last Post: 2008-08-18, 09:47
  3. user.def syntax
    By lars-rune in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 6
    Last Post: 2008-07-17, 03:38
  4. tcpdump syntax...
    By evo22 in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 3
    Last Post: 2008-01-15, 13:38
  5. ftp syntax
    By BSDsnob in forum Authentication
    Replies: 7
    Last Post: 2006-07-25, 06:03

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •