by admin_import on 03/05/2010
From: http://snippets.dzone.com/posts/show/116
An equivalent of the other find-replace, except it’s a one-liner that generates no temp files, and is more flexible:
perl -pi -e 's/find/replace/g' *.txtOr, to change matching files in a hierarchy:
find . -name '*.txt' |xargs perl -pi -e 's/find/replace/g'
That didn’t work when the file names contained white space. This seems to work even with them (with GNU find and xargs):
find . -name '*.txt' -print0 |xargs -0 perl -pi -e 's/find/replace/g'
by admin_import on 03/05/2010
command_line.exe connect -s [IP-CheckPoint-Gateway] -f "[certificate file]" -p [Password]
Example:
c:program filescheckpointendpoint connectcommand_line.exe connect -s 195.19.17.178 -f "f:certfile.p12" -p secret
It is very important that the argument for the Parameter -f (certificate file) is set in quotation marks!
by admin_import on 03/05/2010
Open Command-Line-Box (cmd.exe) with Administrator-Rights.
C:>netsh int ip sh int
Idx Met MTU State Name
--- --------- ---------- ------------ ---------------------------
1 50 4294967295 connected Loopback Pseudo-Interface 1
11 10 1500 connected LAN-Connection
12 0 1350 disconnected LAN-Connection* 9
Search the virtual Interface from Check Point Endpoint Connect. It is the Interface with Metric 0, MTU 1350 and an asterisk at the name – at this example “LAN-Connection* 9” -.
Now set the first DNS-Server o your remote Domain for the VPN-Connection – normally it is the Active Domian Controller (here for example 10.0.0.1) on remote VPN-Network –
C:>netsh int ip set dns "LAN-Connection* 9" static 10.0.0.1
To add an secondary DNS-Server and so on use following command:
C:>netsh int ip add dns "LAN-Connection* 9" 10.0.0.2
Now check settings:
C:>netsh int ip show dns
On the same way you can set the WINS-Servers of your Domain. You have to use wins instead of dns on all commands.
by admin_import on 02/05/2010
my %seen;
@array = grep !$seen{$_}++, @array;
by admin_import on 02/05/2010
#english with comma
my $number_readable = () = $number =~ s/(d{1,3})(?=(d{3})+($))/$1,/g;
#german with dot
my $number_readable = () = $number =~ s/(d{1,3})(?=(d{3})+($))/$1./g;
by admin_import on 02/05/2010
my $countlines = () = $string =~ m/n/gs;
by admin_import on 02/05/2010
At the site “Check Point products support for Windows 7 [sk43446]” is written that “VPN-1 SecuRemote/SecureClient NGX R60 HFA 03” support Mircosoft Windows 7 (only 32-Bit).
But I made bad experiences with working SecuRemote/SecureClient on Windows 7 (over 30 Windows 7 Clients), so that i can not recommend to use SecuRemote/SecureClient on Windows 7.
Here are some of the problems:
After a few week searching for a network-error and a call at the Microsoft Support – they did a very good job – , we disabled the SecuRemote-Binding on the LAN-Interface, disabled the SecuRemote-Kernel-Driver and all problems have gone.
To solve the problem total we deinstalled SecuRemote/SecureClient on every notebook and installed the new Check Point Endpoint Connect R73 (works on 32-Bit & 64-Bit). After the installation of the new VPN Client, we do not have anymore any problems!
by admin_import on 24/02/2009
After installing recommended Sun Solaris Patch 114344-25 or newer on CheckPoint Firewall based on Solaris 10 with JumpStart Architecture and Security Scripts (JASS) toolkit there are local problems at DNS lookups on the firewall node.
# nslookup www.ebay.com
… Result was changing between timeout and right result
Resolution:
Kernel Parameter “ip_strict_dst_multihoming” is set to strict value (1) by JASS startup-script /etc/init.d/nddconfig. By Solaris OS default the parameter is set to the unstrict value (0). You have to change the parameter back to the unstrict value (0).
# ndd /dev/ip ip_strict_dst_multihoming 0
And change value from 1 to 0 in JASS startup-script or commented the setting of this Kernel Parameter out.
Remark:
The use of JASS is strictly recommended to harding the Solaris OS of the firewall node.
by admin_import on 02/09/2008
First export the setting via Web-GUI as exp-File (System –> Settings –> Export Settings).
Now create a new perl script for Base64-decoding on your host…
#!/usr/bin/perl
#Scriptname: decodeuse strict;
use MIME::Base64;local($/) = undef; # slurp
my $decoded = decode_base64(<STDIN>);
$decoded =~ s/&/n/gms;
print $decoded;
… and decode the file with the Sonicwall configuration:
cat sonicwall-PRO_xxxx_Enhanced-3_x_x_x-xxx.exp | ./decode
Here is an example of a Sonicwall Configuration:
checksumVersion=1
buildNum=3.x.x.x-xxx
userIV=xxxxxxxxxxxxx
passwordUniqueNum=0
cfspName_0=Default
cfspOptionMask_0=7
cfspCatMask_0=255,15,0,0,0,0,0,0
cfsPolicyTime_0=
cfspInUse_0=1
zoneObjId_0=LAN
zoneObjProperties_0=50973
zoneObjCflProfile_0=0
zoneObjCfspId_0=Default
zoneObjSslCtrlProfile_0=0
zoneObjZoneType_0=1
zoneObjIntraZoneCom_0=1
zoneObjAvProfile_0=0
zoneObjASProfile_0=0
zoneObjGavProfile_0=0
zoneObjGscProfile_0=0
zoneObjGroupVpn_0=0
zoneObjMyIDPProfile_0=0
zoneObjEnforceWiFi_0=0
zoneObjEnforceSslvpn_0=0
zoneObjSslvpnIp_0=
zoneObjSslvpnPort_0=
zoneObjWiFiException_0=0
zoneObjWiFiExceptionHandle_0=
zoneObjRestrictVpnTrav_0=0
zoneObjAllowWPA_0=0
zoneObjSonicPointProfHandle_0=
zoneObjSonicPointOnly_0=0
...
Works on:
by admin_import on 08/07/2008
Apache:
Apache 1.3 Quick Reference Card
http://refcards.com/refcard/apache-forda
Checkpoint FW-1/VPN-1:
German: Die 100 wichtigsten Check Point VPN-1-Kommandos
http://www.galileocomputing.de/download/artikel/346/galileocomputing_poster_check_point_a3.pdf
Cisco:
Ciscopedia: A new Windows-Help-formatted File with a big Reference for Cisco command
http://www.google.de/search?q=ciscopedia-v3
Perl:
Perl Regular Expressions
http://refcards.com/docs/trusketti/perl-regexp/perl-regexp-refcard-a4.pdf
And some more see: