Global Commands

The Gaia operating system includes a set of global commands that apply to all or specified Security Group Members.

Working with Global Commands

Background
  • Gaia gClish commands apply globally to all Security Group Members, by default.

  • Gaia gClish commands do not apply to Security Group Members that are in the DOWN state in the Security Group.

    If you run a "set" command while a Security Group Member is in the DOWN state, the command does not update that Security Group Member.

    The Security Group Member synchronizes its database during startup and applies the changes after reboot.

  • Gaia Clish commands apply only to the specific Security Group Member.

    For these commands, see the R81.20 Gaia Administration Guide.

Global Commands

Command

Instructions

auditlog

  • Enabled by default.

  • All commands are recorded in the audit log.

  • To learn more about the audit log, see Looking at the Audit Log.

config-lock

  • Protects the Gaia gClish database by locking it. Each Security Group Member has one lock.

  • To set Gaia gClish operations for an Security Group Member, the Security Group Member must hold the "config-lock".

  • To set the "config-lock", run:

    set config-lock on override

  • Gaia gClish traffic runs on the Sync interface, TCP port 1129.

blade-range

  • Runs commands on specified Security Group Members.

  • Runs Gaia gClish embedded commands only on this subset of Security Group Members.

  • We do not recommend that you use the blade-range command, because all Security Group Members must have identical configurations.

Check Point Global Commands

These global commands apply to more than one Security Group Member. These global commands let you work with Security Gateway and SecureXL.

General Global Commands

Global commands apply to more than one Security Group Member.

These commands are available in Gaia Clish and Gaia gClish:

In Gaia Clish and Gaia gClish

In the Expert mode

update_conf_file

g_update_conf_file

global

global_help

asg_cp2blades

asg_cp2blades

asg_clear_table

asg_clear_table

Below are some global commands

Global Operating System Commands

Global operating system commands are standard Linux commands that run on all or specified Security Group Members.

When you run a global command in Gaia gClish, the operating system runs a global script that is the standard Linux command on the Security Group Members.

When you run a command in the Expert mode, it works as a standard Linux command.

To use the global command in the Expert mode, run the global command script version as shown in this table:

Gaia gClish Command

Global Command in the Expert mode

arp

g_arp

cat

g_cat

cp

g_cp

dmesg

g_dmesg

ethtool

g_ethtool

ifconfig

asg_ifconfig

ls

g_ls

md5sum

g_md5sum

mv

g_mv

netstat

g_netstat

reboot

g_reboot

tail

g_tail

tcpdump

g_tcpdump

top

g_top

Notes:

  • The parameters and options for the standard Linux command are available for the global command.

  • You can use one or more flags.

  • Do not use these two flags together in the same command:

    • The "-l" flag - to execute the command only on the local Security Group Member

    • The "-r" flag - to execute the command only on the remote Security Group Member

Syntax

  • In Gaia Clish:

    <Gaia gClish Command> [-b <SGM IDs>] <Command Options>]

  • In the Expert mode:

    <Global Expert mode Command> [-b <SGM IDs>] <Command Options>]

Parameters

Parameter

Description

<Gaia gClish Command>

Standard command in Gaia gClish as appears in the table above.

<Global Expert mode Command>

Global command in the Expert mode as appears in the table above.

-b <SGM IDs>

Applies to Security Group Members as specified by the <SGM IDs>.

<SGM IDs> can be:

  • No <SGM IDs> specified, or all

    Applies to all Security Group Members and all Maestro Sites

  • One Security Group Member (for example, 1_1)

Note - You can only select Security Group Members from one Site with this option.

<Command Options>

Standard command options for the specified command.

Below are explanations about some of the global commands.