Techclick co_in

checkpoint cheatsheet

Firewall Commands

fw lslogs

 display remote machine log-file list

fw logswitch

 rotate current log file

fw lichosts

 display protected hosts

fw exportlog .o

 export current log file to ascii file

fw ctl uninstall

 uninstall hosts internal interfaces

fw ctl install

 install hosts internal interfaces

fw ctl pstat

System Resource stats

fw ctl ip_forwarding

Control IP forwarding

fw ctl arp

 show arp table

fw ctl get int

 shows the current value of a global kernel parameter

fw ctl set int

 sets the current value of a global kernel parameter. Only temporary; cleared after reboot.

fw tab -t sam_blocked_ips

 show IPs blocked via SmartTracker

fw tab -t connections -s

 show connection stats

fw tab -t connections -f

 show connections with IP instead of HEX

fw tab -t fwx_alloc -f

 show fwx_alloc with IP instead of HEX

fw tab -t peers_count -s

fw tab -t userc_users -s

 show VPN stats

fwstart

 start the firewall

fwstop

 stop the firewall

fw unloadlocal

 unload the policy

fw monitor

Packet sniffer

fw ver -k

Returns version, patch info and kernel info

fw stat -l

 display long stat list showing which policies are installed

fw stat -s

 display short stat list showing which policies are installed

fw printlic -p

Prints current Firewall modules

fw putkey

 install authentication key on the host

fw fetch

Fetch security policy and install

fw fetch localhost

 install (on gateway) the last installed policy.

fw hastat

 show Cluster statistics

fw log -f

Tail the current log file

fw log -s -e

Retrieve logs between times

fw checklic

 check license details

fw printlic

 print current license details

SPLAT Only Commands

restore

 allows you to restore your backup

backup

 allows you to perform an operating system backup

patch add cd

 allows you to mount an ISO and upgrade your Checkpoint software

router

 enter router mode for use on Secure Platform Pro for advanced routing options

Snapshot

  system backup which includes all Checkpoint binaries.

Debug Command

fw ctl zdebug drop

Display dropped packets in real time and give the reason for each drop

CP Commands

cpstart

 start all Checkpoint Services

cprestart

 restart all Checkpoint Services

cpstop -fwflag -proc

 stop all Checkpoint Services but keep the policy active in kernel

cplic print

 print all the licensing information.

cp_conf sic

SIC stuff

cphastart/stop

 start/stop clustering on the specific node

cphaprob stat

 list cluster status

cphaprob syncstat

 show the sync status

cphaprob list

 show a status in list form

cphaprob -a if

 list status of interfaces

cpstop

 stop all Checkpoint Services

cpwd_admin list

 list checkpoint processes

cpstat

 show the status of the firewall

Firewall Management Commands

fwm -a

add an Admin

fwm -r

delete an administrator

fwm -p

print a list of Admin users

fwm_start

 start the management processes

fwm dbexport -f user.txt

 export users , can also use dbimport

fwm lock_admin -v

view locked admin accounts

VPN

vpn tu

VPN utility, allows you to rekey VPN

dtps lic

 show desktop policy license status

cpstat -f all polsrv

 show status of the dtps

vpn ipafile_check ipassignment.conf detail

 verify the ipassignment.conf file

vpn shell show interface detailed

 show VTI detail

vpn shell /tunnels/delete/IKE/peer/

 delete IKE SA

vpn shell /tunnels/delete/IPsec/peer/

 delete Phase 2 SA

vpn shell /show/tunnels/ike/peer/

 show IKE SA

vpn shell /show/tunnels/ipsec/peer/

 show Phase 2 SA

VSX

vsx get

 get the current context

vsx set

 set your context

reset_gw

 reset the gateway, clearing all previous virtual devices and settings.

fw -vs getifs

 show the interfaces for a virtual device

fw vsx stat -l

 show a list of the virtual devices and installed policies

fw vsx stat -v

 show a list of the virtual devices and installed policies
