fw

Description

  • Fetches and unloads Threat Prevention policy.

  • Controls the Firewall module.

  • Generates the Default Filter policy files.

  • Fetches the policy from the Management Server, peer Cluster Member, or local directory.

  • Fetches the specified Security or Audit log files from the specified Check Point computer.

  • Shows the list of interfaces and their IP addresses.

  • Shows information about Check Point computers in High Availability configuration and their states.

  • Controls ISP links in ISP Redundancy configuration.

  • Kills the specified Check Point processes.

  • Shows a list of hosts protected by the Security Gateway.

  • Shows the content of Check Point log files.

  • Switches the current active log file.

  • Shows a list of Security or Audit log files.

  • Merges several input log files into a single log file.

  • Runs FW Monitor to capture the traffic that passes through the Security Gateway.

  • Rebuilds pointer files for Security or Audit log files.

  • Manages the Suspicious Activity Monitoring (SAM) rules.

  • Manages the Suspicious Activity Policy editor.

  • Shows the contents of the Unified Policy kernel tables.

  • Shows the currently installed policy.

  • Shows and deletes the contents of the specified kernel tables.

  • Executes the offline Unified Policy.

  • Removes all policies from the Security Gateway or Cluster Member.

  • Shows the Security Gateway major and minor version number and build number.

Syntax

fw [-d] [-i]

      amw <options>

      ctl <options>

      defaultgen

      fetch <options>

      fetchlogs <options>

      getifs

      hastat <options>

      isp_link <options>

      kill <options>

      lichosts <options>

      log <options>

      logswitch <options>

      lslogs <options>

      mergefiles <options>

      repairlog <options>

      sam <options>

      sam_policy <options>

      showuptables <options>

      stat

      tab <options>

      unloadlocal

      up_execute <options>

      ver <options>

Parameters

Parameter

Description

-d

Runs the command in debug mode.

Use only if you troubleshoot the command itself.

Best Practice - If you use this parameter, then redirect the output to a file, or use the script command to save the entire CLI session.

-i

Specifies the CoreXL Firewall instance.

See fw -i.

amw <options>

Fetches and unloads Threat Prevention policy.

See fw amw.

ctl

Controls the Firewall module.

See fw ctl.

defaultgen

Generates the Default Filter policy files.

See fw defaultgen.

fetch <options>

Fetches the policy from the Management Server, peer Cluster Member, or local directory.

See fw fetch.

fetchlogs <options>

Fetches the specified Security log files ($FWDIR/log/*.log*) or Audit log files ($FWDIR/log/*.adtlog*) from the specified Check Point computer.

See fw fetchlogs.

getifs

Shows the list with this information:

  • The name of interfaces, to which the Check Point Firewall kernel attached.

  • The IP addresses assigned to the interfaces.

See fw getifs.

hastat <options>

Shows information about Check Point computers in High Availability configuration and their states.

See fw hastat.

isp_link <options>

Controls ISP links in the ISP Redundancy configuration.

See fw isp_link.

kill <options>

Kills the specified Check Point processes.

See fw kill.

lichosts <options>

Shows a list of hosts protected by the Security Gateway.

See fw lichosts.

log <options>

Shows the content of Check Point log files - Security ($FWDIR/log/*.log) or Audit ($FWDIR/log/*.adtlog).

See fw log.

logswitch <options>

Switches the current active log file - Security ($FWDIR/log/fw.log) or Audit ($FWDIR/log/fw.adtlog).

See fw logswitch.

lslogs <options>

Shows a list of Security log files ($FWDIR/log/*.log*) or Audit log files ($FWDIR/log/*.adtlog*) residing on the local computer or a remote computer.

See fw lslogs.

mergefiles <options>

Merges several input log files - Security ($FWDIR/log/*.log) or Audit ($FWDIR/log/*.adtlog) - into a single log file.

See fw mergefiles.

monitor <options>

Runs FW Monitor to capture the traffic that passes through the Security Gateway.

See fw monitor.

repairlog <options>

Rebuilds pointer files for Security log files ($FWDIR/log/*.log) or Audit ($FWDIR/log/*.adtlog) log files.

See fw repairlog.

sam <options>

Manages the Suspicious Activity Monitoring (SAM) rules.

See fw sam.

sam_policy <options>

Manages the Suspicious Activity Policy editor.

See fw sam_policy.

showuptables <options>

Shows the contents of the Unified Policy kernel tables.

See fw showuptables.

stat

Shows the currently installed policy.

See fw stat.

tab <options>

Shows and deletes the contents of the specified kernel tables.

See fw tab.

unloadlocal

Uninstalls all policies from the Security Gateway or Cluster Member.

See fw unloadlocal.

up_execute <options>

Executes the offline Unified Policy.

See fw up_execute.

ver <options>

Shows the Security Gateway major and minor version number and build number.

See fw ver.