fw ctl

Description

The fw ctl command controls the Firewall kernel module.

Syntax

fw ctl {install | uninstall}

fw ctl debug [-m <module>] [+|-] {options | all | 0}

fw ctl debug -buf <buffer size>

fw ctl kdebug

fw ctl pstat [-h] [-k] [-s] [-n] [-l]

fw ctl iflist

fw ctl arp [-n]

fw ctl block {on | off}

fw ctl chain

fw ctl conn

Parameter

Description

{install | uninstall}

  • Uninstall — tells the operating system to stop passing packets to the Security Gateway, and unloads the Security Policy. The networks behind it become unprotected.
  • Install — tells the operating system to start passing packets to the Security Gateway. The command fw ctl install runs automatically when cpstart is performed.

    Note - If you run fw ctl uninstall followed by fw ctl install, the Security Policy is not restored.

debug

Generate debug messages to a buffer. See fw ctl debug.

kdebug

Reads the debug buffer and obtains the debug messages. If there is no debug buffer, the command will fail.

  • [-f] Read the buffer every second and print the messages until Ctrl-C is pressed. Without -f, read the current buffer contents and exit.
  • [-t/-T] Print the time field (seconds/microseconds).
  • [-p] Print specific fields: all|proc|pid|date|mid|type|freq|topic|time|ticks|tid|text|err|host|vsid|cpu
  • [-m] Number of cyclic files; [-s] size of each file.

pstat [-h] [-k] [-s] [-n] [-l]

Displays Security Gateway internal statistics:

-h — Generates additional hmem details.

-k — Generates additional kmem details.

-s — Generates additional smem details.

-n — Generates NDIS information (Windows only).

-l — Generates general Security Gateway statistics.

iflist

Displays the IP interfaces known to the kernel, by name and internal number.

arp [-n]

Displays the ARP proxy table.

-n — Do not perform name resolution.

block {on|off}

on — Blocks all traffic.

off — Restores traffic and the Security Policy.

chain

Prints the names of internal Security Gateways that deal with packets. Use this command to ensure that a gateway is loaded. The names of these gateways can be used in the fw monitor -p command.

conn

Prints the names of the connection modules.
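
The kdebug entry above notes that reading fails when no debug buffer exists. The following shell function is an added example, not part of the original documentation: it runs a time-boxed capture using only the fw ctl debug and fw ctl kdebug forms listed under Syntax, and resets the debug flags afterwards. The module name fw, the flag drop, the buffer size and the output path are assumed example values.

```shell
#!/bin/sh
# Added example: bounded kernel-debug capture on a Security Gateway.
# Assumed example values: module "fw", flag "drop", buffer size 32000,
# output path /var/log/kdebug_drop.txt. Only defines a function.

capture_kdebug() {
    module=$1          # debug module, e.g. fw
    flags=$2           # space-separated debug options, e.g. "drop"
    seconds=$3         # how long to collect messages
    out=$4             # file that receives the debug messages
    buf=${5:-32000}    # debug buffer size (assumed default)

    # 1. Reset the flags, then allocate the buffer. kdebug fails
    #    when no debug buffer exists, so this must come first.
    fw ctl debug 0 || return 1
    fw ctl debug -buf "$buf" || return 1

    # 2. Enable the requested options for the module. $flags is left
    #    unquoted on purpose so several options split into arguments.
    if ! fw ctl debug -m "$module" + $flags; then
        fw ctl debug 0
        return 1
    fi

    # 3. Follow the buffer (-f) with microsecond timestamps (-T)
    #    for a fixed time instead of waiting for Ctrl-C.
    fw ctl kdebug -T -f > "$out" 2>&1 &
    reader=$!
    sleep "$seconds"
    kill "$reader" 2>/dev/null || true
    wait "$reader" 2>/dev/null || true

    # 4. Reset the flags so the gateway stops generating debug
    #    messages once the capture is over.
    fw ctl debug 0
}

# Usage on a gateway (not executed here):
#   capture_kdebug fw drop 30 /var/log/kdebug_drop.txt
```

Step 4 matters operationally: debug options left enabled keep producing messages after the capture ends.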