,

checkpoint cheatsheet

Posted by

Firewalls Commands

fw
lslogs
 display remote machine log-file list
fw
logswitch
 rotate current log file
fw
lichosts
 display protected hosts
fw
exportlog .o
 export current log file  ascii file
fw
ctl uninstall
 uninstall hosts internal interfaces
fw
ctl install
 install hosts internal interfaces
fw
ctl pstat
System
Resource stats
fw
ctl ip_forwarding
Control
IP forwarding
fw
ctl arp
 show arp table
fw
ctl get int [global kernel
parameter]
 shows the current value of a global kernel
parameter
fw
ctl set int [global kernel
parameter]  [value]
Sets
the current value of a global keneral parameter. 

OnlyTemp ; Cleared after reboot.

fw
tab  -t sam_blocked_ips
 block IPS via SmartTracker
fw
tab -t connections -s
 show connection stats
fw
tab -t connections -f
 show connections with IP instead of HEX
fw
tab -t fwx_alloc -f
 show fwx_alloc with IP instead of HEX
fw
tab -t peers_count –s
fw tab -t userc_users -s
 show VPN stats
fw
lslogs
 display remote machine log-file list
fw
logswitch
 rotate current log file
fw
lichosts
 display protected hosts
fw
exportlog .o
 export current log file  ascii file
   

Firewalls Commands

fw
ctl uninstall
 uninstall hosts internal interfaces
fw
ctl install
 install hosts internal interfaces
fw
ctl pstat
System
Resource stats
fw
ctl ip_forwarding
Control
IP forwarding
fw
ctl arp
 show arp table
fw
ctl get int [global kernel
parameter]
 shows the current value of a global kernel
parameter
fw
ctl set int [global kernel
parameter]  [value]
Sets
the current value of a global keneral parameter. Only
Temp ; Cleared after reboot.
fw
tab  -t sam_blocked_ips
 block IPS via SmartTracker
fw
tab -t connections -s
 show connection stats
fw
tab -t connections -f
 show connections with IP instead of HEX
fw
tab -t fwx_alloc -f
 show fwx_alloc with IP instead of HEX
fw
tab -t peers_count –s
fw tab -t userc_users -s
 show VPN stats
fwstart  start the firewall
fwsp  sp the firewall
fw
unloadlocal
 unload the policy
fw
monir
Packet
sniffer
fw
ver –k
Returns
version, patch info and Kernal info
fw
stat -l
 display long stat list showing which
policies are installed
fw
stat -s
 display short stat list showing which
policies are installed
fw
printlic -p
Prints
current Firewall modules
fw
putkey
 install authenication key on the host
fw
fetch
Fetch
security policy and install
fw
fetch localhost
 install (on gateway) the last installed
policy.
fw
hastat
 show Cluster statistics
fw
log -f
Tail
the current log file
fw
log -s -e
Retrieve
logs between times
fw
checklic
 check license details
fw
printlic
 print current license details

SPLAT Only Commands

resre  allow you
rese your backup
backup  allow you
perform a system operating system backup
patch
add cd
 allow you
mount an iso and upgrade your checkpoint
software
router  enter router mode for use on Secure Platform
Pro for
advanced routing options
Snapshot   system backup which includes all Checkpoint
binaries.
 
 

Debug Command

fw
ctl zdebug drop
Disaplay
dropped packets in realtime / give reason for drop

CP Commands

cpstart  start all Checkpoint Services
cprestart  restart all Checkpoint Services
cpsp
-fwflag -proc
 sp all checkpoint Services but keeps policy active in kernel
cplic
print
 print all the licensing information.
cp_conf
sic
SIC
stuff
cphastart/sp  sp clustering on the specific node
cphaprob
stat
 list cluster status
cphaprob
syncstat
 show the sync status
cphaprob
list
 show a status in list form
cphaprob
-a if
 list status of interfaces
cpsp  sp all Checkpoint Services
cpwd_admin
list
 list checkpoint processes
cpstat  show the status of the firewall

Firewall Management Commands

fwm
-a
add
an Admin
fwm
-r
delete
an administrator
fwm
-p
print
a list of Admin users
fwm_start  start the management processes
fwm
dbexport -f user.txt
 export users , can also use dbimport
fwm
lock_admin -v
view
locked admin accounts
   

VPN

vpn
tu
VPN
utility, allows you  rekey vpn
dtps
lic
 show deskp policy license status
cpstat
-f all polsrv
 show status of the dtps
vpn
ipafile_check ipassignment.conf
detail
 verify theipassignment.config file
vpn
shell show interface detailed [VTI
name]
 show VTI detail
vpn
shell
/tunnels/delete/IKE/peer/[peer ip]
 delete IKE SA
vpn
shell
/tunnels/delete/IPsec/peer/[peer ip]
 delete Phase 2 SA
vpn
shell /show/tunnels/ike/peer/[peer
ip]
 show IKE SA
vpn
shell
/show/tunnels/ipsec/peer/[peer ip]
 show Phase 2 SA
   

VSX

vsx
get [vsys name/id]
 get the current context
vsx
set [vsys name/id]
 set your context
reset_gw  reset the gateway, clearing all previous
virtual devices and
settings.
fw
-vs [vsys id] getifs
 show the interfaces for a virtual device
fw
vsx stat –l
 show a list of the virtual devices and
installed policies
fw
vsx stat –v
 show a list of the virtual devices and
installed policies

[the-post-grid id=”9538″ title=””]

Visit Our Store and Buy All document (F5, Zscaler, ASA, Paloalto, Checkpoint,Forescout, Cisco ISE etc) only in  1600RS, click here on store - Store

X
error: Content is protected !!