-
-
Save bubenkoff/4043130 to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| # | |
| # The reason of creating this script is that Endpoint Security VPN installs it's own application firewall kext cpfw.kext | |
| # which prevents for example PPTP connections from this computer, which is not appropriate if you need subj connection just | |
| # from time to time | |
| # | |
| # Usage: ./checkpoint.sh | |
| # | |
| # The script checks if Enpoint Security VPN is running. If it is, then it shuts it down, if it is not, it fires it up. | |
| # Or, make an Automator action and paste the script. | |
| # You will need sudo power, of course | |
| # | |
| # To prevent Endpoint Security VPN from starting automatically whenever you restart your Mac, edit this file: | |
| # `/Library/LaunchAgents/com.checkpoint.eps.gui.plist` | |
| # And change the values of `RunAtLoad` and `KeepAlive` to `false` | |
| # [Source](https://superuser.com/questions/885273) | |
| SERVICE='Endpoint_Security_VPN' | |
| if pgrep $SERVICE > /dev/null | |
| then | |
| # $SERVICE is running. Shut it down | |
| [ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl unload /Library/LaunchDaemons/com.checkpoint.epc.service.plist | |
| [ -d /Library/Extensions/cpfw.kext ] && sudo kextunload /Library/Extensions/cpfw.kext | |
| [ -d '/Applications/Check Point Firewall.app' ] && open -W -n -a '/Applications/Check Point Firewall.app' --args --disable | |
| killall $SERVICE | |
| else | |
| # $SERVICE is not running. Fire it up | |
| [ -f /Library/LaunchDaemons/com.checkpoint.epc.service.plist ] && sudo launchctl load /Library/LaunchDaemons/com.checkpoint.epc.service.plist | |
| [ -d /Library/Extensions/cpfw.kext ] && sudo kextload /Library/Extensions/cpfw.kext | |
| [ -d '/Applications/Check Point Firewall.app' ] && open -W -n -a '/Applications/Check Point Firewall.app' --args --enable | |
| [ -d '/Applications/Endpoint Security VPN.app' ] && open '/Applications/Endpoint Security VPN.app' | |
| fi |
I'm deeply touched by this script. Thanks. Thank you very much. I can finally AirDrop (and much more) again from my Mac again.
You changed my life from now on, until I'll have to deal with this VPN client.
Big Kudos!
I love you! :-)
BTW the process running on my Mac (with the client shut down) was /Library/Application Support/Checkpoint/Endpoint Connect/TracSrvWrapper (my version of the SW is, I believe, Endpoint Security VPN E80 something)
Thank you!
this script is awesome- got connected to my apple tv!!
thanks a bunch
I can't sign in to our MS Lync when I'm on Checkpoint VPN E80.42 835017303 but when I'm not on VPN, it just connects smoothly. I tried to use this instead but still no luck :/
How did you guys make it work?
Awesome, worked like a charm on the corporate Macbook
Yes, this is super awesome!
Check my fork at https://gist.github.com/phoob/671e65332c86682d5674 – then you don't need "load" or "unload" :) I put this in an Automator app.
This should be
/Applications/Endpoint\ Security\ VPN.app/Contents/MacOS/Endpoint_Security_VPN > /dev/null 2>&1 &
To avoid redirection (&>/dev/null) and background (&) control operator: open "/Applications/Endpoint Security VPN.app"
For me (macOS 10.13.6, Checkpoint version Ihavenoideaandisureashellwontstartitupagainjusttofindout) it was /Library/Extensions/cpfw.kext, no /System.
Check my fork at https://gist.github.com/phoob/671e65332c86682d5674 – then you don't need "load" or "unload" :) I put this in an Automator app.
Awesome Thanks! this is working great!
@phoob updated to your version, thanks
Thank you for this. It works like a charm. I needed it because I couldn't mount with NFS (vagrant).
This is exactly what I needed. Many thanks
Awesome, dude, thanks!
(expo wont work, cuz cpfw block access in lan)
thanks,guy
I just upgraded to macOS
- Big Sur 11.0.1
- Checkpoint version E84.30 (Early Availability)
But then this scripts does not work anymore and probably needs a new strategy.
For reference I can disable the firewall by disabling the fw network service in network preferences:
But I couldn't find a way to automate it from the command-line (Tried networksetup and systemextensionsctl)
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --disable
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --enable
or
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --uninstall
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --install
seems to work
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --disable open -W -n -a /Applications/Check\ Point\ Firewall.app --args --enableor
open -W -n -a /Applications/Check\ Point\ Firewall.app --args --uninstall open -W -n -a /Applications/Check\ Point\ Firewall.app --args --installseems to work
Works perfectly! Thanks 👍 @osteinhauer
@osteinhauer updated, thanks
Thanks! I had to fix a missing space on line 25:
[ -d '/Applications/Check Point Firewall.app']
should be
[ -d '/Applications/Check Point Firewall.app' ]
@ptzz thanks, fixed
You saved my life! Thank you!
You saved my life too, thanks a lot ❤️
@bubenkoff, that was very helpful. Thank you)
Thank you for this script. But what to do if it keeps asking for password when connecting?
This is super helpful! Thanks for sharing! One minor modification: on the second to last line, "2>1 >" should probably be "&>" instead to direct all output (STDERR and STDOUT) to /dev/null. As written, this redirects STDERR to a file in the current working directory named "1".