-
-
Save phoob/671e65332c86682d5674 to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| # | |
| # The reason of creating this script is that Endpoint Security VPN installs it's own application firewall kext cpfw.kext | |
| # which prevents for example PPTP connections from this computer, which is not appropriate if you need subj connection just | |
| # from time to time | |
| # | |
| # Usage: ./checkpoint.sh | |
| # | |
| # The script checks if Enpoint Security VPN is running. If it is, then it shuts it down, if it is not, it fires it up. | |
| # Or, make an Automator action and paste the script. | |
| # You will need sudo power, of course | |
| # | |
| # To prevent Endpoint Security VPN from starting automatically whenever you restart your Mac, edit this file: | |
| # `/Library/LaunchAgents/com.checkpoint.eps.gui.plist` | |
| # And change the values of `RunAtLoad` and `KeepAlive` to `false` | |
| # [Source](https://superuser.com/questions/885273) | |
| SERVICE='Endpoint_Security_VPN' | |
| if pgrep $SERVICE > /dev/null | |
| then | |
| # $SERVICE is running. Shut it down | |
| sudo launchctl unload /Library/LaunchDaemons/com.checkpoint.epc.service.plist | |
| sudo kextunload /Library/Extensions/cpfw.kext | |
| killall $SERVICE | |
| else | |
| # $SERVICE is not running. Fire it up | |
| sudo launchctl load /Library/LaunchDaemons/com.checkpoint.epc.service.plist | |
| sudo kextload /Library/Extensions/cpfw.kext | |
| open '/Applications/Endpoint Security VPN.app' | |
| fi |
I've updated the gist based on the comments by @ferben
Try to set "RunAtLoad" and "KeepAlive" to false ⇒ both this options must be false.
I tried that and it did prevent checkpoint from starting on boot but I was unable to start and use it on demand so I had to reverse changing KeepAlive back to true to get it to work when I need to use it.
I wrote a small AppleScript that does nearly the same as the script above but in a better way for me. I will edit my post later and link to it on github for everyone to use it if needed.
Try to set "RunAtLoad" and "KeepAlive" to false ⇒ both this options must be false.
I tried that and it did prevent checkpoint from starting on boot but I was unable to start and use it on demand so I had to reverse changing KeepAlive back to true to get it to work when I need to use it.
I wrote a small AppleScript that does nearly the same as the script above but in a better way for me. I will edit my post later and link to it on github for everyone to use it if needed.
I cannot confirm that. Endpoint Security E82.00 starts alright on my system (OS 10.15.3) when needed. Autostart, however, is successfully prevented by the changes made to the .plist-file as suggested by @ferben.
Hi,
I hope that in near future Checkpoint will remove or update the Kernel extension (in Catalina Apple prevents that in the next version of macOS it will not work, I haven't tested it yet on macOS Bug Sur).
Also I have the problem with bonjour when the cpfw.kext is loaded (I cannot access my NAS using this protocol) => for time being I remove the extension, bonjour works again and the VPN client too. Therefore I do kont know why CheckPoint loads this extension that is not used in fact...
Thanks a huge lot, ferben! This worked!