Checkpoint Firewall Cheat Sheet
The basic commands used for firewall administration. These commands are used only for the Unix platform.
Add a administrator | fwm –a |
Delete an administrator | fwm –r |
Display administrators list | fwm -p |
Start the firewall | fwstart |
Stop the firewall | fwstop |
Long stat list | fw stat -long |
Short stat list | fw stat -short |
Check license details | fw checklic |
Print current license details | fw printlic |
Print current Firewall modules | fw printlic -p |
Overwrite existing licenses (delete ones already installed) | fw putlic –o |
Load license into kernel | fw putlic –k |
Display internal hosts | fw lichosts |
Display version number | fw ver |
Install authenication key onto host | fw putkey |
Display contents of the inspect table | fw tab |
As above but short list | fw tab –s |
Display current connections | fw tab -t
|
Export current log file to ascii file | fw exportlog –o |
Rotate current log file | fw logswitch |
Kill firewall daemon | fw kill –t |
control IP forwarding | fw ctl ip_forwarding |
Display internal stats of Firewall | fw ctl pstat |
Install hosts internal interfaces | fw ctl install |
Uninstall hosts internal interfaces | fw ctl uninstall |
Fetch security policy and install | fw fetch |
Generate a *.pf file from a *.W file | fw gen |
Tail the current log file | fw log -f |
Retrieve logs between times | fw log -s |
inhibit host (source) for number of secs | fw sam –i src |
remove inhibit from sam database | fw sam –C -i src |
use fw tab to view blocked connections | Note |