Checkpoint Commands
Generally fall under:
cp – General
fw – Firewall
fwm – Management
Firewall Commands
fw lslogs
Display remote machine log-file list
fw logswitch
Rotate current log file
fw lichosts
Display protected hosts
fw exportlog .o
Export current log file to ASCII format
fw ctl uninstall
Uninstall hosts internal interfaces
fw ctl install
Install hosts internal interfaces
fw ctl pstat
System resource stats
fw ctl ip_forwarding
Control IP forwarding
fw ctl arp
Show ARP table
fw ctl get int
Shows the current value of a global kernel parameter
fw ctl set int
Sets the current value of a global kernel parameter. Only Temp; Cleared after reboot.
fw tab -t sam_blocked_ips
Block IPS via SmartTracker
fw tab -t connections -s
Show connection stats
fw tab -t connections -f
Show connections with IP instead of HEX
fw tab -t fwx_alloc -f
Show fwx_alloc with IP instead of HEX
fw tab -t peers_count -s
fw tab -t userc_users -s
Show VPN stats
fw start
Start the firewall
fw stop
Stop the firewall
fw unloadlocal
Unload the policy
fw monitor
Packet sniffer
fw ver -k
Returns version, patch info, and kernel info
fw stat -l
Display long stat list showing which policies are installed
fw stat -s
Display short stat list showing which policies are installed
fw printlic -p
Prints current firewall modules
fw putkey
Install authentication key on the host
fw fetch
Fetch security policy and install
fw fetch localhost
Install (on gateway) the last installed policy.
fw hastat
Show cluster statistics
fw log -f
Tail the current log file
fw log -s -e
Retrieve logs between times
fw checklic
Check license details
fw printlic
Print current license details
SPLAT Only Commands
resre
Allows you to restore your backup
backup
Allows you to perform a system operating system backup
patch add cd
Allows you to mount an ISO and upgrade your Checkpoint software
router
Enter router mode for use on Secure Platform Pro for advanced routing options
Snapshot
System backup, including all Checkpoint binaries
Debug Commands
fw ctl zdebug drop
Display dropped packets in real-time, give reason for drop
CP Commands
cpstart
Start all Checkpoint services
cprestart
Restart all Checkpoint services
cpsp -fwflag -proc
SP all Checkpoint services but keep policy active in kernel
cplic print
Print all the licensing information
cp_conf sic
SIC configuration
cphastart/sp
Start clustering on the specific node
cphaprob stat
List cluster status
cphaprob syncstat
Show the sync status
cphaprob list
Show status in list form
cphaprob -a if
List status of interfaces
cpsp
SP all Checkpoint services
cpwd_admin list
List Checkpoint processes
cpstatShow the status of the firewall
Firewall Management Commands
fwm -a
Add an admin
fwm -r
Delete an administrator
fwm -p
Print a list of admin users
fwm_start
Start the management processes
fwm dbexport -f user.txt
Export users; can also use dbimport
fwm lock_admin -v
View locked admin accounts
VPN Commands
vpn tu
VPN utility, allows you to rekey VPN
dtps lic
Show desktop policy license status
cpstat -f all polsrv
Show status of the DTPs
vpn ipafile_check ipassignment.conf detail
Verify the ipassignment.config file
vpn shell show interface detailed
Show VTI detail
vpn shell /tunnels/delete/IKE/peer/
Delete IKE SA
vpn shell /tunnels/delete/IPsec/peer/
Delete Phase 2 SA
vpn shell /show/tunnels/ike/peer/
Show IKE SA
vpn shell /show/tunnels/ipsec/peer/
Show Phase 2 SA
VSX Commands
vsx get
Get the current context
vsx set
Set your context
reset_gw
Reset the gateway, clearing all previous virtual devices and settings.
fw -vs getifs
Show the interfaces for a virtual device
fw vsx stat -l
Show a list of the virtual devices and installed policies
fw vsx stat -v
Show a list of the virtual devices and installed policies