Module "APPI" (Application Control Inspection)

Syntax

• On the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. / each Cluster Member Security Gateway that is part of a cluster., run in the Expert mode:

  fw ctl debug -m APPI + {all | <List of Debug Flags>}

• On the Scalable Platform Security Group A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected., run in the Expert mode:

  g_fw ctl debug -m APPI + {all | <List of Debug Flags>}

Flag	Description
account	Accounting information
address	Information about connection's IP address
btime	Browse time
connection	Application Control Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI. connections
coverage	Coverage times (entering, blocking, and time spent)
error	General errors
global	Global policy operations
info	General information
limit	Application Control limits
memory	Memory allocation operations
module	Operations in the Application Control module (initialization, module loading, calls to the module, policy loading, and so on)
observer	Classification Object (CLOB) observer (data classification)
policy	Application Control policy
referrer	Application Control referrer
subject	Prints the debug subject of each debug message
timestamp	Prints the timestamp for each debug message (changes when you enable the debug flag 'coverage')
urlf_ssl	Application Control and URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF. for SSL
verbose	Prints additional information (used with other debug flags)
vs	Prints the VSID of the debugged Virtual System
warning	General warnings