Check Point – Add Cluster State to CLI Prompt

tl;dr

  • Add the following line to the bottom of the ~/.bashrc file
a=`cphaprob stat|grep local|awk '{print $5}'`; case $a in *CTIVE*|*ctive*) a=`tput setaf 2; echo $a`;; *TANDBY*|*tandby*) a=`tput setaf 5; echo $a`;; *) a=`tput setaf 1; echo $a`; esac; PS1="[Expert@\h:`cat /proc/self/nsid`:$a\e[0m]# "; unset a

What is this for?


This post is to modify the CLI prompt you get when working in expert mode in Check Point so it will let you know if the device you are working on is active or standby. Note however this only updates at logon so if the device fails over and your session is still active the prompt wont update.

Reference:

  • https://community.checkpoint.com/t5/General-Topics/Add-cluster-state-to-gaia-prompt-clish-and-bash/m-p/72963#M14809

System Setup:


Operating System:
Check Point R80.40


Hardware:
Check Point 15400

Getting down to business…

Okay so we first need to connect to the Check Point in expert mode. You can do this using an account that is configured with a /bin/bash shell. Alternatively you can login to an account that is configured with a /etc/cli.sh shell and then type “expert” followed by the expert password. You should then get the following prompt:

[Expert@hostname:0]# 

From here we can then use the trusty “vi” text editor to modify the ~/.bashrc file.

[Expert@hostname:0]# vi ~/.bashrc

I am not going to make this a guide on vi because that could be a post on its own. If you are not sure what you are doing you want to press “a” to change into “append” mode. Then use the arrow keys to move to the end of the file and create a new line. You can then copy and paste the line below into the file. One this is done you can press “Esc” to come out of append mode. Once out of this mode you can type “:wq” that should then appear at the bottom of the screen. This tells the vi to (w) write the changes to the file and (q) quit the program.

a=`cphaprob stat|grep local|awk '{print $5}'`; case $a in *CTIVE*|*ctive*) a=`tput setaf 2; echo $a`;; *TANDBY*|*tandby*) a=`tput setaf 5; echo $a`;; *) a=`tput setaf 1; echo $a`; esac; PS1="[Expert@\h:`cat /proc/self/nsid`:$a\e[0m]# "; unset a

Remember this only updates when you login. So start a new putty session and you should now have a nice colour coded prompt telling you if the device is active, standby or down.

Enjoy!

Leave a Reply

Your email address will not be published. Required fields are marked *