fwaccel synatk

Description

Important:

The same SecureXL Check Point product on a Security Gateway that accelerates IPv4 and IPv6 traffic that passes through a Security Gateway. command must run on all Security Group Members.

Therefore, you must run the SecureXL commands in either Gaia gClish The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. Commands you run in this shell apply to all Security Appliances in the Security Group., or Expert mode.
- In Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. gClish, run the "fwaccel ..." and "fwaccel6 ..." commands.
- In the Expert mode, run the "g_fwaccel ..." and "g_fwaccel6 ..." commands.
When you add a new Security Group Member to a Security Group, the new Security Group Member pulls the "fwaccel synatk" configuration that you saved it in a configuration file - in the default file $FWDIR/conf/synatk.conf, or in the file specified with the "fwaccel synatk -c" command.

Syntax for IPv4

fwaccel synatk

-a

-c <options>

-d

-e

-g

-m

-t <options>

config

monitor <options>

state <options>

whitelist <options>

Syntax for IPv6

fwaccel6 synatk

-a

-c <options>

-d

-e

-g

-m

-t <options>

config

monitor <options>

state <options>

whitelist <options>

Parameters

Parameter	Description
No Parameters	Shows the applicable built-in usage.
`-a`	Applies the configuration from the default file. See fwaccel synatk -a.
`-c <options>`	Applies the configuration from the specified file. See fwaccel synatk -c <Configuration File>.
`-d`	Disables the Accelerated SYN Defender on all interfaces. See fwaccel synatk -d.
`-e`	Enables the Accelerated SYN Defender on interfaces with topology "External". Enables the Accelerated SYN Defender in Monitor (Detect only) mode on interfaces with topology "Internal". See fwaccel synatk -e.
`-g`	Enables the Accelerated SYN Defender on all interfaces. See fwaccel synatk -g.
`-m`	Enables the Accelerated SYN Defender in Monitor (Detect only) mode on all interfaces. In this state, the Accelerated SYN Defender only sends a log when it recognizes a TCP SYN Flood attack. See fwaccel synatk -m.
`-t <options>`	Configures the threshold numbers of half-opened TCP connections that trigger the Accelerated SYN Defender. See fwaccel synatk -t <Threshold>.
`config`	Shows the current Accelerated SYN Defender configuration. See fwaccel synatk config.
`monitor <options>`	Shows the Accelerated SYN Defender status. See fwaccel synatk monitor.
`state <options>`	Controls the Accelerated SYN Defender states. See fwaccel synatk state.
`whitelist <options>`	Controls the Accelerated SYN Defender whitelist. See fwaccel synatk whitelist.