fw

Description

Fetches and unloads Threat Prevention policy.
Controls the Firewall module.
Generates the Default Filter policy files.
Fetches the policy from the Management Server, peer Cluster Member, or local directory.
Fetches the specified Security or Audit log files from the specified Check Point computer.
Shows the list of interfaces and their IP addresses.
Shows information about Check Point computers in High Availability configuration and their states.
Controls ISP links in ISP Redundancy configuration.
Kills the specified Check Point processes.
Shows a list of hosts protected by the Security Gateway.
Shows the content of Check Point log files.
Switches the current active log file.
Shows a list of Security or Audit log files.
Merges several input log files into a single log file.
Runs FW Monitor to capture the traffic that passes through the Security Gateway.
Rebuilds pointer files for Security or Audit log files.
Manages the Suspicious Activity Monitoring (SAM) rules.
Manages the Suspicious Activity Policy editor.
Shows the contents of the Unified Policy kernel tables.
Shows the currently installed policy.
Shows and deletes the contents of the specified kernel tables.
Executes the offline Unified Policy.
Removes all policies from the Security Gateway or Cluster Member.
Shows the Security Gateway major and minor version number and build number.

Syntax

fw [-d] [-i]

amw <options>

ctl <options>

defaultgen

fetch <options>

fetchlogs <options>

getifs

hastat <options>

isp_link <options>

kill <options>

lichosts <options>

log <options>

logswitch <options>

lslogs <options>

mergefiles <options>

repairlog <options>

sam <options>

sam_policy <options>

showuptables <options>

stat

tab <options>

unloadlocal

up_execute <options>

ver <options>

Parameters

Parameter	Description
`-d`	Runs the command in debug mode. Note - If you use this parameter, then redirect the output to a file, or use the `script` command to save the entire CLI session.
`-i`	Specifies the CoreXL FW Instance.
`amw <`options`>`	Fetches and unloads Threat Prevention policy.
`ctl`	Controls the Firewall module.
`defaultgen`	Generates the Default Filter policy files.
`fetch` <options>	Fetches the policy from the Management Server, peer Cluster Member, or local directory.
`fetchlogs` <options>	Fetches the specified Security log files (`$FWDIR/log/.log`) or Audit log files (`$FWDIR/log/.adtlog`) from the specified Check Point computer.
`getifs`	Shows the list with this information: The name of interfaces, to which the Check Point Firewall kernel attached. The IP addresses assigned to the interfaces.
`hastat` <options>	Shows information about Check Point computers in High Availability configuration and their states.
`isp_link` <options>	Controls ISP links in ISP Redundancy configuration.
`kill` <options>	Kills the specified Check Point processes.
`lichosts <`options`>`	Shows a list of hosts protected by the Security Gateway.
`log` <options>	Shows the content of Check Point log files - Security (`$FWDIR/log/.log`) or Audit (`$FWDIR/log/.adtlog`).
`logswitch` <options>	Switches the current active log file - Security (`$FWDIR/log/fw.log`) or Audit (`$FWDIR/log/fw.adtlog`).
`lslogs` <options>	Shows a list of Security log files (`$FWDIR/log/.log`) or Audit log files (`$FWDIR/log/.adtlog`) residing on the local computer or a remote computer.
`mergefiles` <options>	Merges several input log files - Security (`$FWDIR/log/.log`) or Audit (`$FWDIR/log/.adtlog`) - into a single log file.
`monitor` <options>	Runs FW Monitor to capture the traffic that passes through the Security Gateway.
`repairlog` <options>	Rebuilds pointer files for Security log files (`$FWDIR/log/.log`) or Audit (`$FWDIR/log/.adtlog`) log files.
`sam` <options>	Manages the Suspicious Activity Monitoring (SAM) rules.
`sam_policy` <options>	Manages the Suspicious Activity Policy editor.
`showuptables` <options>	Shows the contents of the Unified Policy kernel tables.
`stat`	Shows the currently installed policy.
`tab <`options`>`	Shows and deletes the contents of the specified kernel tables.
`unloadlocal`	Uninstalls all policies from the Security Gateway or Cluster Member.
`up_execute <`options`>`	Executes the offline Unified Policy.
`ver <`options`>`	Shows the Security Gateway major and minor version number and build number.