comp_init_policy

Description Use the comp_init_policy command to generate and load, or to remove, the Initial Policy.

The Initial Policy offers protection to the gateway before the administrator has installed a Policy on the gateway.

Syntax

> $FWDIR/bin/comp_init_policy [-u] [-g]

Parameter	Description
`-u`	Removes the current Initial Policy, and ensures that it will not be generated in future when `cpconfig` is run.
`-g`	Can be used if there is no Initial Policy. If there is, make sure that after removing the policy, you delete the `$FWDIR/state/local/FW1/` folder. Generates the Initial Policy and ensures that it will be loaded the next time a policy is fetched (at `cpstart`, or at next boot, or via the `fw fetch localhost` command). After running this command, `cpconfig` will add an Initial Policy when needed. The `comp_init_policy -g` command will only work if there is no previous Policy. If you perform the following commands: `comp_init_policy -g + fw fetch localhost` `comp_init_policy -g + cpstart` `comp_init_policy -g + reboot` The original policy will still be loaded.

Parameter

Description

-u

Removes the current Initial Policy, and ensures that it will not be generated in future when cpconfig is run.

-g

Can be used if there is no Initial Policy. If there is, make sure that after removing the policy, you delete the $FWDIR/state/local/FW1/ folder.

Generates the Initial Policy and ensures that it will be loaded the next time a policy is fetched (at cpstart, or at next boot, or via the fw fetch localhost command). After running this command, cpconfig will add an Initial Policy when needed.

The comp_init_policy -g command will only work if there is no previous Policy. If you perform the following commands:
comp_init_policy -g + fw fetch localhost
comp_init_policy -g + cpstart
comp_init_policy -g + reboot
The original policy will still be loaded.