Print Download PDF Send Feedback

Previous

Next

fgate (for Security Gateway)

Description

Installs and uninstalls the QoS policy on the managed Security Gateways.

Shows the status of the QoS Software Blade on the managed Security Gateways.

Controls the QoS debug.

For more information, see:

Syntax

fgate [-d]

ctl

-h

<QoS Module> {on | off}

debug

on

off

fetch

-f

<Management Server>

kill [-t <Signal Number>] <Name of QoS Process>

load

log

on

off

stat

stat [-h]

ver [-k]

unload

Parameters

Parameter

Description

-d

Runs the command in debug mode.

ctl -h

Shows the expected syntax and the list of the available QoS modules.

ctl <QoS Module> {on | off}

Controls the specified QoS module:

  • on - Enables the module (default)
  • off - Disables the module

Note - In R80.20, the only available QoS module is etmreg.

debug {on | off}

Controls the debug mode of the QoS user space daemon fgd50 (see sk41585):

  • on - Enables the debug
  • off - Disables the debug (default)

This sends additional debugging information to the fgd50 daemon's log file $FGDIR/log/fgd.elg.

fetch -f

Fetches and installs the QoS Policy from all the Management Servers configured in the $FWDIR/conf/masters file.

fetch <Management Server>

Fetches and installs the QoS Policy from the specified Management Server.

Enter the main IP address or the name of the Management Server object as configured in SmartConsole.

kill [-t <Signal Number>] <Name of QoS Process>

Sends the specified signal to the specified QoS user space process.

Notes:

  • In R80.20, the only available QoS user space process is fgd50.
  • The QoS fgd50 daemon, upon its startup, writes the PIDs of the applicable QoS user spaces processes to the $FWDIR/tmp/<Name of QoS Process>.pid files.

    For example: $FWDIR/tmp/fgd50.pid

  • If the file $FWDIR/tmp/<Name of QoS Process>.pid exists, then this command sends the specified Signal Number to the PID in that file.
  • If you do not specify the signal explicitly, the command sends Signal 15 (SIGTERM).
  • For the list of available signals and their numbers, run the kill -l command. For information about the signals, see the manual pages for the kill and signal.
  • To restart the QoS fgd50 daemon manually, run the etmstop and then etmstart commands.

load

Installs the local QoS Policy on the Security Gateway.

If this command fails, run the etmstop and then etmstart commands.

log {on | off | stat}

Controls the state of QoS logging in the Security Gateway kernel:

  • on - Enables the QoS logging (default)
  • off - Disables the QoS logging
  • stat - Shows the current QoS logging status

You can disable the QoS logging to save resources without reinstalling the QoS policy.

stat [-h]

Shows the status of the QoS Software Blade and policy on the Security Gateway.

The -h parameter shows the built-in usage for the stat parameter.

Important - This command is outdated and exists only for backward compatibility with very old versions. Use the cpstat command.

ver [-k]

Shows the QoS Software Blade version.

If you specify the -k parameter, the output also shows the kernel version.

unload

Uninstalls the QoS Policy from the Security Gateway.

Example 1 - Fetching the QoS policy based on the $FWDIR/conf/masters file

[Expert@MyGW]# fgate fetch -f

Fetching QoS Software Blade Policy:

Received Policy. Downloading...

 

eth0(inbound), eth0(outbound).

Download OK.

Done.

[Expert@MyGW]#

Example 2 - Fetching the QoS policy from the Management Server specified by its IP address

[Expert@MyGW]# fgate fetch 192.168.3.240

Fetching QoS Software Blade Policy:

Received Policy. Downloading...

 

eth0(inbound), eth0(outbound).

Download OK.

Done.

[Expert@MyGW]#

Example 3 - Viewing the QoS status

[Expert@MyGW]# fgate stat

 

Product: QoS Software Blade

Version: R80.20

Kernel Build: 135

Policy Name: MyPolicy

Install time: Mon Jun 11 15:49:57 2018

Interfaces Num: 1

 

 

Interface table

----------------------------------------------------------------

|Name|Dir|Limit (Bps)|Avg Rate (Bps)|Conns|Pend pkts|Pend bytes|

----------------------------------------------------------------

|eth0|in | 1250000000| 0| 0| 0| 0|

|eth0|out| 1250000000| 0| 0| 0| 0|

----------------------------------------------------------------

 

[Expert@MyGW]#

Example 4 - Viewing the QoS Software Blade version

[Expert@MyGW:0]# fgate ver

This is Check Point QoS Software Blade R80.20 - Build 339

[Expert@MyGW:0]#

[Expert@MyGW:0]# fgate ver -k

This is Check Point QoS Software Blade R80.20 - Build 339

kernel: R80.20 - Build 135

[Expert@MyGW:0]#