Checkpoint: Sample “dmidecode” Output from a UTM-1 130

This article shows a sample output when using dmidecode on a Checkpoint UTM-1 appliance.

Check here to see what the model numbers equate to e.g. this model is reported as a U-5-00 which is a UTM-1 130 appliance:

[Expert@fw-trinity:0]# dmidecode
# dmidecode 2.7
SMBIOS 2.3 present.
45 structures occupying 1755 bytes.
Table at 0x000FB380.

Handle 0x0000, DMI type 0, 24 bytes.
BIOS Information
Vendor: American Megatrends Inc.
Version: 080015
Release Date: 03/03/2009
Address: 0xF0000
Runtime Size: 64 kB
ROM Size: 1024 kB
Characteristics:
ISA is supported
PCI is supported
PNP is supported
APM is supported
BIOS is upgradeable
BIOS shadowing is allowed
ESCD support is available
Boot from CD is supported
Selectable boot is supported
BIOS ROM is socketed
EDD is supported
5.25″/1.2 MB floppy services are supported (int 13h)
3.5″/720 KB floppy services are supported (int 13h)
3.5″/2.88 MB floppy services are supported (int 13h)
Print screen service is supported (int 5h)
8042 keyboard services are supported (int 9h)
Serial services are supported (int 14h)
Printer services are supported (int 17h)
CGA/mono video services are supported (int 10h)
ACPI is supported
USB legacy is supported
LS-120 boot is supported
ATAPI Zip drive boot is supported
BIOS boot specification is supported
Function key-initiated network boot is supported
BIOS Revision: 8.15

Handle 0x0001, DMI type 1, 27 bytes.
System Information
Manufacturer: CheckPoint
Product Name: U-5-00
Version: To Be Filled By O.E.M.
Serial Number: To Be Filled By O.E.M.
UUID: 00020003-0004-0005-0006-000700080009
Wake-up Type: Power Switch
SKU Number: To Be Filled By O.E.M.
Family: To Be Filled By O.E.M.

Handle 0x0002, DMI type 2, 15 bytes.
Base Board Information
Manufacturer: To be filled by O.E.M.
Product Name: To be filled by O.E.M.
Version: To be filled by O.E.M.
Serial Number: To be filled by O.E.M.
Asset Tag: To Be Filled By O.E.M.
Features:
Board is a hosting board
Board is replaceable
Location In Chassis: To Be Filled By O.E.M.
Chassis Handle: 0x0003
Type: Motherboard
Contained Object Handles: 0

Handle 0x0003, DMI type 3, 21 bytes.
Chassis Information
Manufacturer: To Be Filled By O.E.M.
Type: Desktop
Lock: Not Present
Version: To Be Filled By O.E.M.
Serial Number: To Be Filled By O.E.M.
Asset Tag: To Be Filled By O.E.M.
Boot-up State: Safe
Power Supply State: Safe
Thermal State: Safe
Security Status: None
OEM Information: 0x00000000
Heigth: Unspecified
Number Of Power Cords: 1
Contained Elements: 0

Handle 0x0004, DMI type 4, 35 bytes.
Processor Information
Socket Designation: CPU 1
Type: Central Processor
Family: Celeron
Manufacturer: Intel
ID: 95 06 00 00 BF FB E9 A7
Signature: Type 0, Family 6, Model 9, Stepping 5
Flags:
FPU (Floating-point unit on-chip)
VME (Virtual mode extension)
DE (Debugging extension)
PSE (Page size extension)
TSC (Time stamp counter)
MSR (Model specific registers)
MCE (Machine check exception)
CX8 (CMPXCHG8 instruction supported)
APIC (On-chip APIC hardware supported)
SEP (Fast system call)
MTRR (Memory type range registers)
PGE (Page global enable)
MCA (Machine check architecture)
CMOV (Conditional move instruction supported)
PAT (Page attribute table)
CLFSH (CLFLUSH instruction supported)
DS (Debug store)
ACPI (ACPI supported)
MMX (MMX technology supported)
FXSR (Fast floating-point save and restore)
SSE (Streaming SIMD extensions)
SSE2 (Streaming SIMD extensions 2)
TM (Thermal monitor supported)
PBE (Pending break enabled)
Version: Genuine Intel(R) processor               600MHz
Voltage: 1.0 V
External Clock: 100 MHz
Max Speed: 600 MHz
Current Speed: 600 MHz
Status: Populated, Enabled
Upgrade: Other
L1 Cache Handle: 0x0005
L2 Cache Handle: 0x0006
L3 Cache Handle: 0x0007
Serial Number: To Be Filled By O.E.M.
Asset Tag: To Be Filled By O.E.M.
Part Number: To Be Filled By O.E.M.

Handle 0x0005, DMI type 7, 19 bytes.
Cache Information
Socket Designation: L1-Cache
Configuration: Enabled, Not Socketed, Level 1
Operational Mode: Write Back
Location: Internal
Installed Size: 32 KB
Maximum Size: 32 KB
Supported SRAM Types:
Other
Installed SRAM Type: Other
Speed: Unknown
Error Correction Type: Single-bit ECC
System Type: Data
Associativity: 8-way Set-associative

Handle 0x0006, DMI type 7, 19 bytes.
Cache Information
Socket Designation: L2-Cache
Configuration: Enabled, Not Socketed, Level 2
Operational Mode: Write Back
Location: Internal
Installed Size: 512 KB
Maximum Size: 512 KB
Supported SRAM Types:
Other
Installed SRAM Type: Other
Speed: Unknown
Error Correction Type: Single-bit ECC
System Type: Unified
Associativity: 4-way Set-associative

Handle 0x0007, DMI type 7, 19 bytes.
Cache Information
Socket Designation: L3-Cache
Configuration: Disabled, Not Socketed, Level 3
Operational Mode: Unknown
Location: Internal
Installed Size: 0 KB
Maximum Size: 0 KB
Supported SRAM Types:
Unknown
Installed SRAM Type: Unknown
Speed: Unknown
Error Correction Type: Unknown
System Type: Unknown
Associativity: Unknown

Handle 0x0008, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J1A1
Internal Connector Type: None
External Reference Designator: PS2Mouse
External Connector Type: PS/2
Port Type: Mouse Port

Handle 0x0009, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J1A1
Internal Connector Type: None
External Reference Designator: Keyboard
External Connector Type: PS/2
Port Type: Keyboard Port

Handle 0x000A, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J2A2
Internal Connector Type: None
External Reference Designator: USB1
External Connector Type: Access Bus (USB)
Port Type: USB

Handle 0x000B, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J2A2
Internal Connector Type: None
External Reference Designator: USB2
External Connector Type: Access Bus (USB)
Port Type: USB

Handle 0x000C, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J4A1
Internal Connector Type: None
External Reference Designator: LPT 1
External Connector Type: DB-25 male
Port Type: Parallel Port ECP/EPP

Handle 0x000D, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J2A1
Internal Connector Type: None
External Reference Designator: COM A
External Connector Type: DB-9 male
Port Type: Serial Port 16550A Compatible

Handle 0x000E, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6A1
Internal Connector Type: None
External Reference Designator: Audio Mic In
External Connector Type: Mini Jack (headphones)
Port Type: Audio Port

Handle 0x000F, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6A1
Internal Connector Type: None
External Reference Designator: Audio Line In
External Connector Type: Mini Jack (headphones)
Port Type: Audio Port

Handle 0x0010, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6B1 – AUX IN
Internal Connector Type: On Board Sound Input From CD-ROM
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Audio Port

Handle 0x0011, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6B2 – CDIN
Internal Connector Type: On Board Sound Input From CD-ROM
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Audio Port

Handle 0x0012, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6J2 – PRI IDE
Internal Connector Type: On Board IDE
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0013, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6J1 – SEC IDE
Internal Connector Type: On Board IDE
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0014, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J4J1 – FLOPPY
Internal Connector Type: On Board Floppy
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0015, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J9H1 – FRONT PNL
Internal Connector Type: 9 Pin Dual Inline (pin 10 cut)
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0016, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J1B1 – CHASSIS REAR FAN
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0017, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J2F1 – CPU FAN
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0018, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J8B4 – FRONT FAN
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0019, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J9G2 – FNT USB
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x001A, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J6C3 – FP AUD
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x001B, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J9G1 – CONFIG
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x001C, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J8C1 – SCSI LED
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x001D, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J9J2 – INTRUDER
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x001E, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J9G4 – ITP
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x001F, DMI type 8, 9 bytes.
Port Connector Information
Internal Reference Designator: J2H1 – MAIN POWER
Internal Connector Type: Other
External Reference Designator: Not Specified
External Connector Type: None
Port Type: Other

Handle 0x0020, DMI type 9, 13 bytes.
System Slot Information
Designation: AGP
Type: 32-bit AGP 4x
Current Usage: Available
Length: Short
ID: 0
Characteristics:
3.3 V is provided
Opening is shared
PME signal is supported

Handle 0x0021, DMI type 9, 13 bytes.
System Slot Information
Designation: PCI1
Type: 32-bit PCI
Current Usage: Available
Length: Short
ID: 1
Characteristics:
3.3 V is provided
Opening is shared
PME signal is supported

Handle 0x0022, DMI type 10, 6 bytes.
On Board Device Information
Type: Video
Status: Enabled
Description:   To Be Filled By O.E.M.

Handle 0x0023, DMI type 13, 22 bytes.
BIOS Language Information
Installable Languages: 1
en|US|iso8859-1
Currently Installed Language: en|US|iso8859-1

Handle 0x0024, DMI type 15, 35 bytes.
System Event Log
Area Length: 4 bytes
Header Start Offset: 0x0000
Header Length: 2 bytes
Data Start Offset: 0x0002
Access Method: Indexed I/O, one 16-bit index port, one 8-bit data port
Access Address: Index 0x046A, Data 0x046C
Status: Invalid, Not Full
Change Token: 0x00000000
Header Format: No Header
Supported Log Type Descriptors: 6
Descriptor 1: End of log
Data Format 1: OEM-specific
Descriptor 2: End of log
Data Format 2: OEM-specific
Descriptor 3: End of log
Data Format 3: OEM-specific
Descriptor 4: End of log
Data Format 4: OEM-specific
Descriptor 5: End of log
Data Format 5: OEM-specific
Descriptor 6: End of log
Data Format 6: OEM-specific

Handle 0x0025, DMI type 16, 15 bytes.
Physical Memory Array
Location: System Board Or Motherboard
Use: System Memory
Error Correction Type: None
Maximum Capacity: 4 GB
Error Information Handle: Not Provided
Number Of Devices: 2

Handle 0x0026, DMI type 19, 15 bytes.
Memory Array Mapped Address
Starting Address: 0x00000000000
Ending Address: 0x000400003FF
Range Size: 1048577 kB
Physical Array Handle: 0x0025
Partition Width: 0

Handle 0x0027, DMI type 17, 27 bytes.
Memory Device
Array Handle: 0x0025
Error Information Handle: Not Provided
Total Width: 64 bits
Data Width: 64 bits
Size: 1024 MB
Form Factor: DIMM
Set: None
Locator: DIMM0
Bank Locator: BANK0
Type: SDRAM
Type Detail: Synchronous
Speed: Unknown
Manufacturer: Manufacturer0
Serial Number: SerNum0
Asset Tag: AssetTagNum0
Part Number: PartNum0

Handle 0x0028, DMI type 20, 19 bytes.
Memory Device Mapped Address
Starting Address: 0x00000000000
Ending Address: 0x0003FFFFFFF
Range Size: 1 GB
Physical Device Handle: 0x0027
Memory Array Mapped Address Handle: 0x0026
Partition Row Position: 1
Interleaved Data Depth: 1

Handle 0x0029, DMI type 17, 27 bytes.
Memory Device
Array Handle: 0x0025
Error Information Handle: Not Provided
Total Width: Unknown
Data Width: 64 bits
Size: No Module Installed
Form Factor: DIMM
Set: None
Locator: DIMM1
Bank Locator: BANK1
Type: Unknown
Type Detail: Unknown
Speed: Unknown
Manufacturer: Manufacturer1
Serial Number: SerNum1
Asset Tag: AssetTagNum1
Part Number: PartNum1

Handle 0x002A, DMI type 126, 19 bytes.
Inactive

Handle 0x002B, DMI type 32, 20 bytes.
System Boot Information
Status: No errors detected

Handle 0x002C, DMI type 127, 4 bytes.
End Of Table

Checkpoint: Gaia Web User Interface Fails to Load

This article details how to solve one issue that may be stopping the Gaia web user interface from loading.

The login screen appears but after submitting your username and password, you get stuck on the spinning “flower of death”!

This can be down to a few different things but #1 is disk space – if the disk is full then temp files cannot be created and the webui will not load.

A simple “df -h” will tell you what’s going on:

[Expert@fw2:0]# df -h
Filesystem                        Size  Used Avail Use% Mounted on
/dev/mapper/vg_splat-lv_current   11G  11G  0G  100% /
/dev/sda1                         145M   19M  118M  14% /boot
tmpfs                             980M     0  980M   0% /dev/shm
/dev/mapper/vg_splat-lv_log       11G  986M  9.2G  10% /var/log
[Expert@fw2:0]#

Highlighted in red above we see the offender. Use “du -h” to find the directory which is taking up all the space – my issue was due to backups not being FTP’d off the machine from the “/var/CPbackup/backups/” folder. Once they were removed to free up disk space, everything was back to normal.

Checkpoint: Change the Default Shell for “admin” in Gaia and SecurePlatform

This article details how to change the default shell for both Gaia and SecurePlatform (SPlat) systems.

SecurePlatform

In SecurePlatform, all we need to do is log in to expert mode and use the change shell command – chsh:

myfirewall > expert
Enter expert password:

myfirewall # chsh -s /bin/bash admin<

Shell changed.

This permanently changes the shell and will survive a reboot.

Gaia

The above will also work in Gaia but will not survive a reboot – the shell will default back to clish. Doing a “cat” on /etc/shells in expert mode will show you what is available:

myfirewall> expert
Enter expert password:

Warning! All configuration should be done through clish
You are in expert mode now.

[Expert@myfirewall:0]# cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/scponly
/bin/tcsh
/bin/csh
/etc/cli.sh
[Expert@myfirewall:0]#

To effect the change we use the “set user” command, in this example we will set it to the bash shell:

myfirewall> set user admin <tab to show options:>
force-password-change - Force the user to change their password
gid - User's group ID
homedir - User's home directory
info - DEPRECATED synonym for 'realname'
lock-out - Unlock a locked out user
newpass - User's new password
password - User's password
password-hash - User's password hash
realname - User's real name or other informative label
shell - User's login shell
uid - User's numeric user ID
myfirewall> set user admin shell /bin/bash
myfirewall> save config
myfirewall>

 

** Don’t forget the “save config” at the end!! **

 

Exit mobile version
%%footer%%