Description
Unloads the policy from the specified managed Security Gateways or Cluster Members.
Note - On Multi-Domain Server, you must run this command in the context of the applicable Domain Management Server (
IP Address or Name of Domain Management Servermdsenv <
>
).
Warning
|
Notes
comp_init_policy
command on the Security Gateway (Cluster Member).fw fetch
cpstart
fw unloadlocal
command.Syntax
fwm [-d] unload <GW1> <GW2> ... <GWN> |
Parameters
Item |
Description |
---|---|
|
Runs the command in debug mode. Use only if you troubleshoot the command itself. For complete debug instructions, see the description of the |
<GW1> <GW2> ... <GWN> |
Specifies the managed Security Gateways by their main IP address or Object Name as configured in SmartConsole. |
Example
[Expert@MyGW:0]# cpstat -f policy fw
Product name: Firewall Policy name: CXL_Policy Policy install time: Tue Oct 23 18:23:14 2018 ... ... ... [Expert@MyGW:0]#
[Expert@MyGW:0]# sysctl -a | grep forwarding | grep -v bridge net.ipv6.conf.bond0.forwarding = 1 net.ipv6.conf.eth1.forwarding = 1 net.ipv6.conf.eth3.forwarding = 1 net.ipv6.conf.eth2.forwarding = 1 net.ipv6.conf.eth4.forwarding = 1 net.ipv6.conf.eth5.forwarding = 1 net.ipv6.conf.eth0.forwarding = 1 net.ipv6.conf.eth6.forwarding = 1 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.lo.forwarding = 1 net.ipv4.conf.bond0.mc_forwarding = 0 net.ipv4.conf.bond0.forwarding = 1 net.ipv4.conf.eth1.mc_forwarding = 0 net.ipv4.conf.eth1.forwarding = 1 net.ipv4.conf.eth2.mc_forwarding = 0 net.ipv4.conf.eth2.forwarding = 1 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth0.forwarding = 1 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.forwarding = 1 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.forwarding = 1 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.forwarding = 1 [Expert@MyGW:0]#
[Expert@MGMT:0]# fwm unload MyGW
Uninstalling Policy From: MyGW
Security Policy successfully uninstalled from MyGW...
Security Policy uninstall complete.
[Expert@MGMT:0]#
[Expert@MyGW:0]# cpstat -f policy fw
Product name: Firewall Policy name: Policy install time: ... ... ... [Expert@MyGW:0]#
[Expert@MyGW:0]# sysctl -a | grep forwarding | grep -v bridge net.ipv6.conf.bond0.forwarding = 0 net.ipv6.conf.eth1.forwarding = 0 net.ipv6.conf.eth3.forwarding = 0 net.ipv6.conf.eth2.forwarding = 0 net.ipv6.conf.eth4.forwarding = 0 net.ipv6.conf.eth5.forwarding = 0 net.ipv6.conf.eth0.forwarding = 0 net.ipv6.conf.eth6.forwarding = 0 net.ipv6.conf.default.forwarding = 0 net.ipv6.conf.all.forwarding = 0 net.ipv6.conf.lo.forwarding = 0 net.ipv4.conf.bond0.mc_forwarding = 0 net.ipv4.conf.bond0.forwarding = 0 net.ipv4.conf.eth1.mc_forwarding = 0 net.ipv4.conf.eth1.forwarding = 0 net.ipv4.conf.eth2.mc_forwarding = 0 net.ipv4.conf.eth2.forwarding = 0 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth0.forwarding = 0 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.forwarding = 0 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.forwarding = 0 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.forwarding = 0 [Expert@MyGW:0]# |