Curl Ipv6

Package: curl;Maintainer for curl is Alessandro Ghedini <ghedo@debian.org>; Source for curl is src:curl (PTS, buildd, popcon).

Reported by: Roman Mamedov <rm@romanrm.ru>

14: curl#7 - 'Failed to connect to xxxx:xxxx:xxx:xx::xx: Network is unreachable' Solution. The solution is quite simple. There are several alternatives which can be the proper solution. The following is the step for solving the solutions: Disable IPv6. This is the first alternative solution. It is done by adding certain line for disabling the. But there’s another great usage curl command has: testing TCP ports connectivity. Say, you’re helping with some firewall changes and need to confirm that connection from your server to some remote host and specific TCP port still works. Here’s how you can do it using curl command and its telnet functionality. Test SSH port connection with. $ curl -V curl 7.35.0 (x8664-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLMWB SSL libz TLS-SRP Install Curl on Ubuntu/Debian. IPv6-test.com is a free service that checks your IPv6 and IPv4 connectivity and speed. Diagnose connection problems, discover which address(es) you are currently using to browse the Internet, and what is your browser's protocol of choice when both v6 and v4 are available.

Date: Mon, 23 Apr 2012 08:15:01 UTC

Severity: normal

Tags: fixed-upstream

Found in version curl/7.25.0-1

Fixed in version curl/7.26.0-1

Done: Alessandro Ghedini <ghedo@debian.org>

Bug is archived. No further changes may be made.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 08:15:04 GMT) (full text, mbox, link).

Acknowledgement sentto Roman Mamedov <rm@romanrm.ru>:
New Bug report received and forwarded. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 08:15:05 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

To: submit@bugs.debian.org

Subject: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 08:51:04 GMT) (full text, mbox, link).

Acknowledgement sentto Daniel Stenberg <daniel@haxx.se>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 08:51:05 GMT) (full text, mbox, link).

Message #10 received at 670126@bugs.debian.org (full text, mbox, reply):

To: Roman Mamedov <rm@romanrm.ru>, 670126@bugs.debian.org

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 08:54:03 GMT) (full text, mbox, link).

Acknowledgement sentto Roman Mamedov <rm@romanrm.ru>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 08:54:03 GMT) (full text, mbox, link).

Message #15 received at 670126@bugs.debian.org (full text, mbox, reply):

To: Daniel Stenberg <daniel@haxx.se>

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 09:06:11 GMT) (full text, mbox, link).

Acknowledgement sentto Daniel Stenberg <daniel@haxx.se>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 09:06:13 GMT) (full text, mbox, link).

Message #20 received at 670126@bugs.debian.org (full text, mbox, reply):

To: Roman Mamedov <rm@romanrm.ru>, 670126@bugs.debian.org

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 09:15:03 GMT) (full text, mbox, link).

Acknowledgement sentto Roman Mamedov <rm@romanrm.ru>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 09:15:06 GMT) (full text, mbox, link).

Message #25 received at 670126@bugs.debian.org (full text, mbox, reply):

To: Daniel Stenberg <daniel@haxx.se>

Curl command windows

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 15:42:06 GMT) (full text, mbox, link).

Acknowledgement sentto Alessandro Ghedini <al3xbio@gmail.com>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 15:42:06 GMT) (full text, mbox, link).

Message #30 received at 670126@bugs.debian.org (full text, mbox, reply):

Curl Ipv6 Test

To: Roman Mamedov <rm@romanrm.ru>, 670126@bugs.debian.org

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Mon, 23 Apr 2012 15:57:06 GMT) (full text, mbox, link).

Acknowledgement sentto Daniel Stenberg <daniel@haxx.se>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Mon, 23 Apr 2012 15:57:06 GMT) (full text, mbox, link).

Curl Ipv6 With Port

Message #35 received at 670126@bugs.debian.org (full text, mbox, reply):

To: Alessandro Ghedini <al3xbio@gmail.com>

Cc: Roman Mamedov <rm@romanrm.ru>, 670126@bugs.debian.org

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Information forwardedto debian-bugs-dist@lists.debian.org, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>:
Bug#670126; Package curl. (Tue, 24 Apr 2012 08:18:09 GMT) (full text, mbox, link).

Curl Command Windows

Acknowledgement sentto Alessandro Ghedini <al3xbio@gmail.com>:
Extra info received and forwarded to list. Copy sent to Ramakrishnan Muthukrishnan <rkrishnan@debian.org>. (Tue, 24 Apr 2012 08:18:09 GMT) (full text, mbox, link).

Message #40 received at 670126@bugs.debian.org (full text, mbox, reply):

To: Roman Mamedov <rm@romanrm.ru>, 670126@bugs.debian.org

Subject: Re: Bug#670126: [curl] Bad handling of IPv6 literal addresses

Added tag(s) fixed-upstream.Request was from Alessandro Ghedini <al3xbio@gmail.com>to control@bugs.debian.org. (Tue, 24 Apr 2012 08:18:11 GMT) (full text, mbox, link).

Curl Ipv6 Proxy

Reply sentto Alessandro Ghedini <ghedo@debian.org>:
You have taken responsibility. (Fri, 25 May 2012 15:06:17 GMT) (full text, mbox, link).

Notification sentto Roman Mamedov <rm@romanrm.ru>:
Bug acknowledged by developer. (Fri, 25 May 2012 15:06:17 GMT) (full text, mbox, link).

Message #47 received at 670126-close@bugs.debian.org (full text, mbox, reply):

To: 670126-close@bugs.debian.org

Date: Fri, 25 May 2012 15:05:47 +0000

Bug archived.Request was from Debbugs Internal Request <owner@bugs.debian.org>to internal_control@bugs.debian.org. (Tue, 03 Jul 2012 07:37:06 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>.Last modified:Mon Apr 26 03:52:02 2021; Machine Name:bembo

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham,1997,2003 nCipher Corporation Ltd,1994-97 Ian Jackson,2005-2017 Don Armstrong, and many other contributors.

Security Gateways and Security Management Server require access to the Internet (either directly, or via configured proxy) for various Software Blades. The table below lists the relevant connectivity tests.

Curl Force Ipv6

Notes:

In Gaia OS, use the 'curl_cli' command (Important: Refer to sk110779 - 'curl: (900) servercert: Error - server certificate validation failed!' when running 'curl_cli' command).
For each of the curl_cli commands, add the option --cacert $CPDIR/conf/ca-bundle.crt to prevent the issue in sk110779.
In Gaia Embedded OS, use the 'wget' command. It is enough to check the connectivity only to the http://cws.checkpoint.com server. Use the following syntax:
[Expert@HostName:0]# [http_proxy=Proxy_IP_or_HostName:Port] wget http://cws.checkpoint.com/
In SecurePlatform OS, use the 'curl' command instead of 'curl_cli' command.
If IPv6 address is assigned on Security Gateway / Security Management Server, then these services should be allowed in the rulebase for IPv6 as well.

You can also check and subscribe to updates on the Services status page.

Hostname	Protocol	From	Used For (Version)	Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK.)
`cws.checkpoint.com`	http	Security Gateway, Security Management Server, SMB Gateways	Social Media Widget Detection (from R75)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/APPI/SystemStatus/type/short
			URL Filtering Cloud Categorization (from R75.20)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/URLF/SystemStatus/type/short
			Virus Detection (from R75.40)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/AntiVirus/SystemStatus/type/short
			Bot Detection (from R75.40)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/Malware/SystemStatus/type/short
`updates.checkpoint.com`	https http	Security Gateway, Security Management Server, SMB Gateways	IPS Updates, Updatable Object (from R80.20, on Security Gateway and Security Management)	curl_cli [--proxy <IP_or_HostName:Port>] -v -k https://updates.checkpoint.com/
`crl.globalsign.com`	http	Security Gateway, Security Management Server	CRL that updates service certificate uses	curl_cli -v http://crl.globalsign.com/
`dl3.checkpoint.com`	http	Security Gateway, Security Management Server	Download Service Updates (from R70), Updatable Object (from R80.20, on Security Gateway and Security Management)	curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://dl3.checkpoint.com
`usercenter.checkpoint.com`	https	Security Gateway, Security Management Server	Contract Entitlement for IPS (from R70), Traditional Anti-Virus, Legacy URL Filtering, etc.	curl_cli [--proxy <IP_or_HostName:Port>] -v -k https://usercenter.checkpoint.com/usercenter/services/ProductCoverageService
`usercenter.checkpoint.com`	https	Security Gateway, Security Management Server	Software Blades Manager Service	curl_cli [--proxy <IP_or_HostName:Port>] -v --cacert $CPDIR/conf/ca-bundle.crt https://usercenter.checkpoint.com/usercenter/services/BladesManagerService
`resolver1.chkp.ctmail.com` `resolver2.chkp.ctmail.com` `resolver3.chkp.ctmail.com` `resolver4.chkp.ctmail.com` `resolver5.chkp.ctmail.com`	http	Security Gateway	Suspicious Mail Outbreaks (from R75.40)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://resolver1.chkp.ctmail.com
`download.ctmail.com`	http	Security Gateway, Security Management Server	Anti-Spam	curl_cli [--proxy <IP_or_HostName:Port>] -v http://download.ctmail.com
`te.checkpoint.com`	http https	Security Gateway	Threat Emulation (from R77)	curl_cli -vk https://te.checkpoint.com/tecloud/Ping
`teadv.checkpoint.com`	http https	Security Gateway	Threat Emulation (from R77)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://teadv.checkpoint.com
`threat-emulation.checkpoint.com`	http https	Security Gateway	Threat Emulation (from R77)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://threat-emulation.checkpoint.com curl_cli [--proxy <IP_or_HostName:Port>] -v http://threat-emulation.checkpoint.com/tecloud/Ping
`ptcs.checkpoint.com` `ptcd.checkpoint.com`	https	Security Gateway	PTC Updates	curl_cli [--proxy <IP_or_HostName:Port>] -v https://ptcs.checkpoint.com curl_cli [--proxy <IP_or_HostName:Port>] -v https://ptcd.checkpoint.com
`kav8.zonealarm.com`	http	Security Gateway	Archive scanning in R75.40 and higher. Deep inspection in R77.10 and higher.	curl_cli [--proxy <IP_or_HostName:Port>] -v http://kav8.zonealarm.com/version.txt
`kav8.checkpoint.com`	http https	Security Gateway Endpoint Security Management	Traditional Anti-Virus, Endpoint Security Management pulling Anti-Malware updates	curl_cli [--proxy <IP_or_HostName:Port>] -v http://kav8.checkpoint.com
`avupdates.checkpoint.com`	http https	Security Gateway	Traditional Anti-Virus, Legacy URL Filtering	curl_cli [--proxy <IP_or_HostName:Port>] -v http://avupdates.checkpoint.com/UrlList.txt
`sigcheck.checkpoint.com`	http	Security Gateway, Security Management Server	Download of signature updates for Traditional Anti-Virus, Legacy URL Filtering, Edge devices, etc.	curl_cli [--proxy <IP_or_HostName:Port>] -v http://sigcheck.checkpoint.com/Siglist2.txt
`smbmgmtservice.checkpoint.com`	https	SMB Gateway (on Gaia Embedded)	Manage SMB Gateways	smp_connectivity_test smbmgmtservice.checkpoint.com
`zerotouch.checkpoint.com`	https	SMB Gateways	ZeroTouch deployment	test zero-touch-request
`secureupdates.checkpoint.com`	http	General updates server for Check Point's gateways	Manage Security Gateways	wget http://secureupdates.checkpoint.com Note: Delete the index.html file after each wget command attempt. Otherwise it will report that file already exists and will not try to download it. curl_cli [--proxy <IP_or_HostName:Port>] -v secureupdates.checkpoint.com
`productcoverage.checkpoint.com`	https	Security Gateway, Security Management Server	Makes sure the machine's contracts are up-to-date (since R75.47)	curl_cli [--proxy <IP_or_HostName:Port>] -v https://productcoverage.checkpoint.com/ProductCoverageService
`sc1.checkpoint.com` `sc2.checkpoint.com` `sc3.checkpoint.com` `sc4.checkpoint.com` `sc5.checkpoint.com`	https	Security Gateway, Security Management Server, SmartDashboard	Download of icons and screenshots from Check Point media storage servers (e.g., Check Point AppWiki)	curl_cli [--proxy <IP_or_HostName:Port>] -v https://sc1.checkpoint.com/sc/images/checkmark.gif curl_cli [--proxy <IP_or_HostName:Port>] -v https://sc1.checkpoint.com/za/images/facetime/large_png/60342479_lrg.png curl_cli [--proxy <IP_or_HostName:Port>] -v https://sc1.checkpoint.com/za/images/facetime/large_png/60096017_lrg.png
`push.checkpoint.com`	https	Mobile Access Gateway	Push Notifications (since R77.10) for incoming e-mails and meeting requests on hand held devices, while the Capsule Workspace Mail app is in the background	curl -vk https://push.checkpoint.com/push/ping
`downloads.checkpoint.com`	http	Mobile Access Gateway, Security Management Server	Download of Endpoint Compliance Updates (Endpoint Security On Demand (ESOD) database):	curl_cli [--proxy <IP_or_HostName:Port>] -v http://downloads.checkpoint.com
`productservices.checkpoint.com`	https	Security Gateway, Security Management Server	Next Generation Licensing uses this service. (Entitlement/Licensing Updates)	curl_cli [--proxy <IP_or_HostName:Port>] -v http://productservices.checkpoint.com

Additional Notes:

Specific IP addresses for the servers are not provided because they vary by region and are subject to change.
There are some Check Point Services / Software Blades that requires Proxy configuration on top of the Proxy global property configured in the object of your Security Management Server / Domain Management Server, so that connections to sigcheck.checkpoint.com will be able to pass through your Proxy server.
Examples from R7X SmartDashboard:
Note: Check if you have one those blades enabled and configure proxy settings for each of them.
- Endpoint Compliance
  1. Go to the 'Mobile Access' tab
  2. Expand the 'Endpoint Security On Demand'
  3. Click on the 'Endpoint Compliance Updates'
  4. In the 'Automatic Update' section, click on the 'Configure...' button
  5. Go to the 'Proxy' tab
  Example:
- Legacy URL Filtering
  1. Go to the 'Application & URL Filtering' tab
  2. Expand the 'Legacy URL Filtering'
  3. Click on the 'Legacy URL Filtering Policy'
  4. Click on the 'Automatic updates' link
  5. Go to the 'Proxy' tab
  Example:
- Traditional Anti-Virus and Edge devices
  1. Go to the 'Threat Prevention' tab
  2. Expand the 'Traditional Anti-Virus'
  3. Click on the 'Database Updates'
  4. In the 'Automatic Update' section, click on the 'Configure...' button
  5. Go to the 'Proxy' tab
  Example:

Related Solution:sk116590 - How to verify that SandBlast Agent can access Check Point servers?.

Revision History

Show / Hide this section

Date	Description
29 May 2017	Added information about Proxy configuration on top of the Proxy global property configured in the object of Security Management Server / Domain Management Server
25 Apr 2017	Added http://downloads.checkpoint.com
16 Feb 2017	Added 'Revision History' section
02 Mar 2017	Added teadv.checkpoint.com

⇐ ⇐ Ccleaner App Download

⇒ ⇒ Musk Twitter