Collezione di comandi per sistemi CheckPoint che ho trovato su vari blog Internet.
(lista soggetta ad aggiornamento...)
CP,
FW and FWM
cphaprob
stat
|
List
cluster status
|
cphaprob
-a if
|
List
status of interfaces
|
cphaprob
syncstat
|
shows
the sync status
|
cphaprob
list
|
Shows
a status in list form
|
cphastart/stop
|
Stops
clustering on the specfic node
|
cp_conf
sic
|
SIC
stuff
|
cpconfig
|
config
util
|
cplic
print
|
prints
the license
|
cprestart
|
Restarts
all Check Point Services
|
cpstart
|
Starts
all Check Point Services
|
cpstop
|
Stops
all Check Point Services
|
cpstop
-fwflag -proc
|
Stops
all checkpoint Services but keeps policy active in kernel
|
cpwd_admin
list
|
List
checkpoint processes
|
cplic
print
|
Print
all the licensing information.
|
cpstat
-f all polsrv
|
Show
VPN Policy Server Stats
|
cpstat
|
Shows
the status of the firewall
|
fw
tab -t sam_blocked_ips
|
Block
IPS via SmartTracker
|
fw
tab -t connections -s
|
Show
connection stats
|
fw
tab -t connections -f
|
Show
connections with IP instead of HEX
|
fw
tab -t fwx_alloc -f
|
Show
fwx_alloc with IP instead of HEX
|
fw
tab -t peers_count -s
|
Shows
VPN stats
|
fw
tab -t userc_users -s
|
Shows
Secureclients connected
|
fw
checklic
|
Check
license details
|
fw
ctl get int [global kernel parameter]
|
Shows
the current value of a global kernel parameter
|
fw
ctl set int [global kernel parameter] [value]
|
Sets
the current value of a global keneral parameter. Only Temp ;
Cleared after reboot.
|
fw
ctl arp
|
Shows
arp table
|
fw
ctl install
|
Install
hosts internal interfaces
|
fw
ctl ip_forwarding
|
Control
IP forwarding
|
fw
ctl pstat
|
System
Resource stats
|
fw
ctl uninstall
|
Uninstall
hosts internal interfaces
|
fw
exportlog .o
|
Export
current log file to ascii file
|
fw
fetch
|
Fetch
security policy and install
|
fw
fetch localhost
|
Installs
(on gateway) the last installed policy.
|
fw
hastat
|
Shows
Cluster statistics
|
fw
lichosts
|
Display
protected hosts
|
fw
log -f
|
Tail
the current log file
|
fw
log -s -e
|
Retrieve
logs between times
|
fw
logswitch
|
Rotate
current log file
|
fw
lslogs
|
Display
remote machine log-file list
|
fw
monitor
|
Packet
sniffer
|
fw
printlic -p
|
Print
current Firewall modules
|
fw
printlic
|
Print
current license details
|
fw
putkey
|
Install
authenication key onto host
|
fw
stat -l
|
Long
stat list, shows which policies are installed
|
fw
stat -s
|
Short
stat list, shows which policies are installed
|
fw
unloadlocal
|
Unload
policy
|
fw
ver -k
|
Returns
version, patch info and Kernal info
|
fwstart
|
Starts
the firewall
|
fwstop
|
Stop
the firewall
|
fwm
lock_admin -v
|
View
locked admin accounts
|
fwm
dbexport -f user.txt
|
used
to export users , can also use dbimport
|
fwm_start
|
starts
the management processes
|
fwm
-p
|
Print
a list of Admin users
|
fwm
-a
|
Adds
an Admin
|
fwm
-r
|
Delete
an administrator
|
VPN
vpn tu
|
VPN utility,
allows you to rekey vpn
|
vpn ipafile_check
ipassignment.conf detail
|
Verifies the
ipassignment.conf file |
dtps lic
|
show desktop
policy license status
|
cpstat -f all
polsrv
|
show status of
the dtps
|
vpn shell
/tunnels/delete/IKE/peer/[peer ip]
|
delete IKE SA
|
vpn shell
/tunnels/delete/IPsec/peer/[peer ip]
|
delete Phase 2 SA
|
vpn shell
/show/tunnels/ike/peer/[peer ip]
|
show IKE SA
|
vpn shell
/show/tunnels/ipsec/peer/[peer ip]
|
show Phase 2 SA
|
vpn shell show
interface detailed [VTI name]
|
show VTI detail
|
