Thursday, October 23, 2014

CHECKPOINT COMMAND LINE REFERENCE


CHECKPOINT COMMAND LINE REFERENCE

       CP-->general ; FW-->firewall ; FWM-->management

    CP COMMANDS
    cpstat fw -f policy (WiKi) --> To see the policy/Conn./Traffic/Interface in&out
    cpstat os -f perf (WiKi) --> To see Free Memory status
    cphaprob stat / cphaprob -a if --> To Check HA Cluster / Interface status
    cphaprob syncstat --> Shows the sync status
    cphaprob list --> Shows a status in list form
    cphastart/stop --> Stops clustering on the specfic node
    cp_conf sic (WiKi) --> SIC stuff
    cpconfig (WiKi) --> config util
    cplic print (WiKi) --> prints the license
    cprestart --> Restarts all Checkpoint Services
    cpstop --> Stops all Checkpoint Services
    cpstart --> Starts all Checkpoint Services
    cpstop -fwflag -proc --> Stops all checkpoint Services but keeps policy active in kernel
    cpwd_admin list --> List checkpoint processes
    cpstat -f all polsrv --> Show VPN Policy Server Stats
    cpstat (WiKi) --> Shows the status of the firewall
    cpstat -f multi_cpu os (WiKi) --> Shows processors load/stats
   
    FW COMMANDS
    fw tab -t sam_blocked_ips --> Block IPS via SmartTracker
    fw tab -t connections -s --> Show connection stats
    fw tab -t connections -f --> Show connections with IP instead of HEX
    fw tab -t fwx_alloc -f --> Show fwx_alloc with IP instead of HEX
    fw tab -t peers_count -s --> Shows VPN stats
    fw tab -t userc_users -s --> Shows VPN stats
    fw checklic --> Check license details
    fw ctl get int [global kernel parameter] --> Shows the current value of a global kernel parameter
    fw ctl set int [global kernel parameter] [value] --> Sets the current value of a global keneral parameter. Only Temp ; Cleared after reboot.
    fw ctl arp --> Shows arp table
    fw ctl install --> Install hosts internal interfaces
    fw ctl ip_forwarding --> Control IP forwarding
    fw ctl pstat --> System Resource stats
    fw ctl uninstall --> Uninstall hosts internal interfaces
    fw exportlog .o --> Export current log file to ascii file
    fw fetch --> Fetch security policy and install
    fw fetch "CMA IP or localhost" --> Installs (on gateway) the last installed policy
    fw lichosts --> Display protected hosts
    fw log -f --> Tail the current log file
    fw log -s -e --> Retrieve logs between times
    fw logswitch --> Rotate current log file
    fw lslogs --> Display remote machine log-file list
    fw monitor --> Packet sniffer
    fw printlic -p --> Print current Firewall modules
    fw printlic --> Print current license details
    fw putkey --> Install authenication key onto host
    fw stat -l --> Long stat list, shows which policies are installed
    fw stat -s --> Short stat list, shows which policies are installed
    fw ver -k --> Returns version, patch info and Kernal info
    fwstart --> Starts the firewall
    fwstop --> Stop the firewall
    fwm lock_admin -v --> View locked admin accounts
    fwm dbexport -f user.txt --> used to export users into user.txt , can also use dbimport
    fwm_start --> starts the management processes
    fwm -p --> Print a list of Admin users
    fwm .a --> Adds an Admin
    fwm .r --> Delete an administrator
    fw ver /fw stat --> To See Firewall Version/stats
    fw tab .t connections -s --> Number of connections on the FW,(normal max is 25000)
    fw unloadlocal --> To Uninstall the policy which affected access to FW
     

No comments: