Difference between revisions of "Useful Check Point CLI commands"

From Tech-Wiki
Jump to: navigation, search
(Created page with "Category:Check Point Useful Check Point commands. Check Point commands generally come under '''cp''' (general) and '''fw''' (firewall) <blockquote></blockquote> '''Useful CP...")
 
Line 60: Line 60:
 
!Description
 
!Description
 
|-
 
|-
 +
|fw ctl iflist
 +
|show interface names
 +
|-
 +
|fw ctl pstat
 +
|show control kernel memory and connections
 +
|-
 +
|fw exportlog -o
 +
|export the current log file to ascii
 +
|-
 +
|fw fetch <manager IP>
 +
|get the policy from the firewall manager
 +
|-
 +
|fw log
 +
|show the content of the connections log
 +
|-
 +
|fw log -b <MMM DD, YYYY HH:MM:SS> <MMM DD, YYYY HH:MM:SS>
 +
|search the current log for activity between specific times, eg
 +
|-
 +
|fw log -c drop
 +
|search for dropped packets in the active log; also can use accept or reject to search
 +
|-
 +
|fw log -f
 +
|tail the current log
 +
|-
 +
|fwm logexport -i <log name> -o <output name>
 +
|export an old log file on the firewall manager
 +
|-
 +
|fw logswitch
 +
|rotate logs
 +
|-
 +
|fw lslogs
 +
|list firewall logs
 +
|-
 +
|fw stat
 +
|firewall status, should contain the name of the policy and the relevant interfaces.
 +
|-
 +
|fw stat -l
 +
|show which policy is associated with which interface and package drop, accept and reject
 +
|-
 +
|fw tab
 +
|displays firewall tables
 +
|-
 +
|fw tab -s -t connections
 +
|number of connections in state table
 +
|-
 +
|fw tab -t xlate -x
 +
|clear all translated entries
 +
|-
 +
|fw unloadlocal
 +
|clear local firewall policy
 +
|-
 +
|fw ver
 +
|firewall version
 +
|}

Revision as of 09:18, 21 September 2011


Useful Check Point commands. Check Point commands generally come under cp (general) and fw (firewall)

Useful CP Commands

Command Description
cpconfig change SIC, licenses and more
cphaprob ldstat display sync serialization statistics
cphaprob stat list the state of the high availability cluster members. Should show active and standby devices.
cphaprob syncstat display sync transport layer statistics
cphastop stop a cluster member from passing traffic. Stops synchronization. (emergency only)
cplic print license information
cpstart start all checkpoint services
cpstat fw show policy name, policy install time and interface table
cpstat ha high availability state
cpstat os -f all checkpoint interface table, routing table, version, memory status, cpu load, disk space
cpstat os -f cpu checkpoint cpu status
cpstat os -f routing checkpoint routing table
cpstop stop all checkpoint services
cpwd_admin monitor_list list processes actively monitored. Firewall should contain cpd and vpnd.

Useful FW Commands

Command Description
fw ctl iflist show interface names
fw ctl pstat show control kernel memory and connections
fw exportlog -o export the current log file to ascii
fw fetch <manager IP> get the policy from the firewall manager
fw log show the content of the connections log
fw log -b <MMM DD, YYYY HH:MM:SS> <MMM DD, YYYY HH:MM:SS> search the current log for activity between specific times, eg
fw log -c drop search for dropped packets in the active log; also can use accept or reject to search
fw log -f tail the current log
fwm logexport -i <log name> -o <output name> export an old log file on the firewall manager
fw logswitch rotate logs
fw lslogs list firewall logs
fw stat firewall status, should contain the name of the policy and the relevant interfaces.
fw stat -l show which policy is associated with which interface and package drop, accept and reject
fw tab displays firewall tables
fw tab -s -t connections number of connections in state table
fw tab -t xlate -x clear all translated entries
fw unloadlocal clear local firewall policy
fw ver firewall version
Retrieved from ‘http://tech-wiki.net/index.php?title=Useful_Check_Point_CLI_commands&oldid=227