Difference between revisions of "FW Monitor examples"

From Tech-Wiki
Jump to: navigation, search
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
[[Category:Check Point]]
 +
'''[[Check Point#Gaia|Back to Gaia]]'''
 +
 
Filtering based on a single Host: (no matter if it is the source or destination)
 
Filtering based on a single Host: (no matter if it is the source or destination)
  
 
  fw monitor -e "accept host(10.1.1.10);"  
 
  fw monitor -e "accept host(10.1.1.10);"  
  
Filtering based on a Host pair"
+
Filtering based on a Host pair and subnet
  
  fw monitor -e "accept host(10.1.1.10) or host(200.0.0.2);"  
+
  fw monitor -e "accept host(10.1.1.10) or host(10.1.1.2) and net(10.0.0.0,8) and port(22);"  
  
 
Filtering based on application:
 
Filtering based on application:
Line 11: Line 14:
 
  fw monitor -e 'accept port(25);'
 
  fw monitor -e 'accept port(25);'
  
Strictly filter:
+
Strict filter:
  
 
  fw monitor -e "src=10.1.1.10 and dst=200.1.1.11 and dport=80,accept;"
 
  fw monitor -e "src=10.1.1.10 and dst=200.1.1.11 and dport=80,accept;"

Latest revision as of 18:44, 8 November 2017

Back to Gaia

Filtering based on a single Host: (no matter if it is the source or destination)

fw monitor -e "accept host(10.1.1.10);" 

Filtering based on a Host pair and subnet

fw monitor -e "accept host(10.1.1.10) or host(10.1.1.2) and net(10.0.0.0,8) and port(22);" 

Filtering based on application:

fw monitor -e 'accept port(25);'

Strict filter:

fw monitor -e "src=10.1.1.10 and dst=200.1.1.11 and dport=80,accept;"