Checkpoint Commands Cheatsheet

Checkpoint commands generally fall under:

cp – general
fw – firewall
fwm – management

Firewalls Commands

fw lslogs – display remote machine log-file list
fw logswitch – rotate current log file
fw lichosts – display protected hosts
fw exportlog .o – export current log file to ascii file
fw ctl uninstall – uninstall hosts internal interfaces
fw ctl install – install hosts internal interfaces
fw ctl pstat – System Resource stats
fw ctl ip_forwarding – Control IP forwarding
fw ctl arp – show arp table
fw ctl get int [global kernel parameter] – shows the current value of a global kernel parameter
fw ctl set int [global kernel parameter] [value] – Sets the current value of a global kernel parameter. Temporary only; cleared after reboot.
fw tab -t sam_blocked_ips – block IPs via SmartTracker
fw tab -t connections -s – show connection stats
fw tab -t connections -f – show connections with IP instead of HEX
fw tab -t fwx_alloc -f – show fwx_alloc with IP instead of HEX
fw tab -t peers_count -s and fw tab -t userc_users -s – show VPN stats
fwstart – start the firewall
fwstop – stop the firewall
fw unloadlocal – unload the policy
fw monitor – Packet sniffer
fw ver -k – Returns version, patch info and kernel info
fw stat -l – display long stat list showing which policies are installed
fw stat -s – display short stat list showing which policies are installed
fw printlic -p – Prints current Firewall modules
fw putkey – install authentication key on the host
fw fetch – Fetch security policy and install
fw fetch localhost – install (on gateway) the last installed policy
fw hastat – show Cluster statistics
fw log -f – Tail the current log file
fw log -s -e – Retrieve logs between times
fw checklic – check license details
fw printlic – print current license details

SPLAT Only Commands

restore – allow you to restore your backup
backup – allow you to perform a system operating system backup
patch add cd – allow you to mount an iso and upgrade your checkpoint software
router – enter router mode for use on Secure Platform Pro for advanced routing options
Snapshot – system backup which includes all Checkpoint binaries

Debug Command

fw ctl zdebug drop – Display dropped packets in real time / give reason for drop

CP Commands

cpstart – start all Checkpoint Services
cprestart – restart all Checkpoint Services
cpstop -fwflag -proc – stop all Checkpoint Services but keep the policy active in the kernel
cplic print – print all the licensing information
cp_conf sic – SIC stuff
cphastart/stop – stop clustering on the specific node
cphaprob stat – list cluster status
cphaprob syncstat – show the sync status
cphaprob list – show a status in list form
cphaprob -a if – list status of interfaces
cpstop – stop all Checkpoint Services
cpwd_admin list – list Checkpoint processes
cpstat – show the status of the firewall

Firewall Management Commands

fwm -a – add an Admin
fwm -r – delete an administrator
fwm -p – print a list of Admin users
fwm_start – start the management processes
fwm dbexport -f user.txt – export users; can also use dbimport
fwm lock_admin -v – view locked admin accounts

VPN

vpn tu – VPN utility, allows you to rekey vpn
dtps lic – show desktop policy license status
cpstat -f all polsrv – show status of the dtps
vpn ipafile_check ipassignment.conf detail – verify the ipassignment.conf file
vpn shell show interface detailed [VTI name] – show VTI detail
vpn shell /tunnels/delete/IKE/peer/[peer ip] – delete IKE SA
vpn shell /tunnels/delete/IPsec/peer/[peer ip] – delete Phase 2 SA
vpn shell /show/tunnels/ike/peer/[peer ip] – show IKE SA
vpn shell /show/tunnels/ipsec/peer/[peer ip] – show Phase 2 SA

VSX

vsx get [vsys name/id] – get the current context
vsx set [vsys name/id] – set your context
reset_gw – reset the gateway, clearing all previous virtual devices and settings
fw -vs [vsys id] getifs – show the interfaces for a virtual device
fw vsx stat -l – show a list of the virtual devices and installed policies
fw vsx stat -v – show a list of the virtual devices and installed policies