This post is a summary of some of the most important Checkpoint commands taken by Checkpoint Community (CheckMates)
| fw ctl zdebug drop | used to quickly see all dropped connections and more importantly the reason (e.g. anti-spoofing, IPS , FW rule , ....). USE WITH EXTREME CAUTION |
| cpstat fw | quickly see stats of number of connections
(accepted,denied,logged) with a breakdown if the FW was under a high load i would usually run " watch --interval=1 'cpstat fw' " (would see a real-time to see the interface that is causing this) |
| fw tab -s -t connections |
allowed me to quickly see how much load is (and was i.e "peak" ) on the FW |
| cphaprob stat | used to see state of cluster |
| fwaccel stats -s | to check acceleration status on FW |
| cphaprob -a if |
used to do troubleshooting cluster, verify all interfaces are
UP and the Virtual IP address for the cluster interfaces |
