Monthly Archives: March 2014

Check Your gtar versions

Here is an interesting one that doesn’t show up anywhere

Our SOME (not all) R75.47 HAs were failing (and I’m having suspicions about our backups).

  • $CPDIR/util/gtar –version    = 1.12
  • /bin/tar –version               = 1.15.1

Sure enough some sort of version incompatibility.

  • cp /bin/tar $CPDIR/util/gtar

Fixed it.

Taylor found it! Thanks.


Manually restoring SIC files

Every now and then SIC just tends to disappear so we manually reset. Got this from a colleague (who taught me all I don’t know which is a ton) when they lost SIC on several firewalls  because their restores didn’t work when they tried to upgrade to R77.10 and had massive failures and had to revert. THEY:

– Replaced registry file $CPDIR/registry/
– Also  $CPDIR/conf/sic_cert.p12
– Had to go through several backups to find ‘good’ SIC keys. VERY disconcerting. 

My demo box. $CPDIR/registry/


Be careful out there those of you living on the sharp upgrade end.


Great update on performance tuning SK

Finally someone did a great job updating this SK on performance tuning. As I read it I will post my comments here.

If this still is jibberish, you should take my class we go into extreme detail on all of this.

I spoke with the people Stella and Sergi updating the SK’s and they seem really dedicated and so for are doing a great job updating them. Thank YOU!!

SK Heaven,






Snapshot space, GAIA disk space allocation and upgrades

Ya know when you are installing GAIA and it tries to reserve 2000TB for snapshot images? At the time you are thinking “GEEZ Guido, how much space does a single image take???”. So you are not sure how to allocate all the memory.

My suggestions:

  1. Snapshots: You really are only going to keep 2 snaphots. 1 after you install/upgrade and then 1 before you upgrade (so you can go backward when it blows up).  So depending if you are dealing big MDS ours has 10GB snapshots. So if you allocation 50GB for snapshots you will be good for at least 2-5 snapshots. If the box has logs on it…then I’m not sure what to tell you but it will be big.snapshot allocation
  2. Root: This is a funny one. Depends on open server vs appliance. Open appliance they dump all the backups and customer directory into the Root partition even thought the /var/log is suppose to have the biggest partition. So on MDS open appliance assuming you moved everything over to /var/log and have all the patches you can make this about 20GB. But warning, if you didn’t move over to /var/log, then ‘backup’ command will load into this partition. Without backups, you are looking at about 5GB of code to install here. But once again you are warned about moving customer data, and backups into /var/log.
  3. /var/log: For an MLM, of course this is your biggest partition. NOTE: if you have bigger than 2TB disks you are going to have to use lvm to link them together. Read my blog about that (its a kernel block size limit).

Allocate ON!


Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.