Difference between revisions of "FW Monitor examples"
From Tech-Wiki
(Created page with "Filtering based on a single Host: (no matter if it is the source or destination) fw monitor -e "host(10.1.1.10) ,accept;" Filtering based on a Host pair" fw monitor -e "...") |
|||
| (5 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| + | [[Category:Check Point]] | ||
| + | '''[[Check Point#Gaia|Back to Gaia]]''' | ||
| + | |||
Filtering based on a single Host: (no matter if it is the source or destination) | Filtering based on a single Host: (no matter if it is the source or destination) | ||
| − | fw monitor -e "host(10.1.1.10) | + | fw monitor -e "accept host(10.1.1.10);" |
| − | Filtering based on a Host pair | + | Filtering based on a Host pair and subnet |
| − | fw monitor -e "host(10.1.1.10) or host( | + | fw monitor -e "accept host(10.1.1.10) or host(10.1.1.2) and net(10.0.0.0,8) and port(22);" |
Filtering based on application: | Filtering based on application: | ||
| − | fw monitor -e 'accept port(25) ;' | + | fw monitor -e 'accept port(25);' |
| + | |||
| + | Strict filter: | ||
| + | |||
| + | fw monitor -e "src=10.1.1.10 and dst=200.1.1.11 and dport=80,accept;" | ||
Latest revision as of 18:44, 8 November 2017
Filtering based on a single Host: (no matter if it is the source or destination)
fw monitor -e "accept host(10.1.1.10);"
Filtering based on a Host pair and subnet
fw monitor -e "accept host(10.1.1.10) or host(10.1.1.2) and net(10.0.0.0,8) and port(22);"
Filtering based on application:
fw monitor -e 'accept port(25);'
Strict filter:
fw monitor -e "src=10.1.1.10 and dst=200.1.1.11 and dport=80,accept;"