Checkpoint commands generally come under,


• cp - general
• fw - firewall
• fwm - management
CP, FW & FWM Commands


cphaprob stat List cluster status
cphaprob -a if List status of interfaces

cphaprob syncstat
shows the sync status

cphaprob list
Shows a status in list form

cphastart/stop Stops clustering on the specfic node

cp_conf sic SIC stuff
cpconfig config util
cplic print prints the license
cprestart Restarts all Checkpoint Services
cpstart Starts all Checkpoint Services
cpstop Stops all Checkpoint Services
cpstop -fwflag -proc
Stops all checkpoint Services but keeps policy active in kernel

cpwd_admin list List checkpoint processes
cplic print Print all the licensing information.

cpstat -f all polsrv
Show VPN Policy Server Stats

cpstat
Shows the status of the firewall


fw tab -t sam_blocked_ips Block IPS via SmartTracker
fw tab -t connections -s
Show connection stats
fw tab -t connections -f
Show connections with IP instead of HEX

fw tab -t fwx_alloc -f
Show fwx_alloc with IP instead of HEX

fw tab -t peers_count -s
Shows VPN stats

fw tab -t userc_users -s
Shows VPN stats

fw checklic Check license details
fw ctl get int [global kernel parameter]
Shows the current value of a global kernel parameter

fw ctl set int [global kernel parameter] [value]
Sets the current value of a global keneral parameter. Only Temp ; Cleared after reboot.

fw ctl arp Shows arp table
fw ctl install Install hosts internal interfaces
fw ctl ip_forwarding Control IP forwarding
fw ctl pstat System Resource stats
fw ctl uninstall Uninstall hosts internal interfaces
fw exportlog .o Export current log file to ascii file
fw fetch Fetch security policy and install
fw fetch localhost
Installs (on gateway) the last installed policy.

fw hastat
Shows Cluster statistics
fw lichosts Display protected hosts
fw log -f Tail the current log file
fw log -s -e Retrieve logs between times
fw logswitch Rotate current log file
fw lslogs Display remote machine log-file list
fw monitor Packet sniffer
fw printlic -p Print current Firewall modules
fw printlic Print current license details
fw putkey Install authenication key onto host
fw stat -l
Long stat list, shows which policies are installed

fw stat -s Short stat list, shows which policies are installed

fw unloadlocal Unload policy
fw ver -k Returns version, patch info and Kernal info
fwstart Starts the firewall
fwstop Stop the firewall

fwm lock_admin -v
View locked admin accounts

fwm dbexport -f user.txt used to export users , can also use dbimport
fwm_start
starts the management processes
fwm -p Print a list of Admin users
fwm -a Adds an Admin
fwm -r Delete an administrator

Provider 1

mdsenv [cma name]
Sets the mds environment

mcd
Changes your directory to that of the environment.

mds_setup
To setup MDS Servers

mdsconfig
Alternative to cpconfig for MDS servers

mdsstat To see the processes status

mdsstart_customer [cma name]
To start cma

mdsstop_customer [cma name]
To stop cma

cma_migrate
To migrate an Smart center server to CMA

cmamigrate_assist
If you dont want to go through the pain of tar/zip/ftp and if you wish to enable FTP on Smart center server


VPN

vpn tu
VPN utility, allows you to rekey vpn

vpn ipafile_check ipassignment.conf detail‏
Verifies the ipassignment.conf file

dtps lic
show desktop policy license status

cpstat -f all polsrv
show status of the dtps

vpn shell /tunnels/delete/IKE/peer/[peer ip]
delete IKE SA

vpn shell /tunnels/delete/IPsec/peer/[peer ip]
delete Phase 2 SA

vpn shell /show/tunnels/ike/peer/[peer ip]
show IKE SA
vpn shell /show/tunnels/ipsec/peer/[peer ip]
show Phase 2 SA
vpn shell show interface detailed [VTI name]
show VTI detail


Debugging

fw ctl zdebug drop
shows dropped packets in realtime / gives reason for drop


SPLAT Only

router
Enters router mode for use on Secure Platform Pro for advanced routing options

patch add cd
Allows you to mount an iso and upgrade your checkpoint software (SPLAT Only)

backup
Allows you to preform a system operating system backup

restore
Allows you to restore your backup

snapshot
Performs a system backup which includes all Checkpoint binaries. Note : This issues a cpstop.


VSX

vsx get [vsys name/id]
get the current context

vsx set [vsys name/id]
set your context

fw -vs [vsys id] getifs
show the interfaces for a virtual device

fw vsx stat -l
shows a list of the virtual devices and installed policies
fw vsx stat -v
shows a list of the virtual devices and installed policies (verbose)

reset_gw
resets the gateway, clearing all previous virtual devices and settings.

Routeto show routes
or
fw getifs gets the interfaces, IP and netmask

ip address showTo show mac address per interface
or
ip link list
***
ip route
ip route show To show the ip/netmask/interface and the VRRP IP that the traffic will use
***
ip neigh showYou can view your machines current arp/neighbor or cache table