CheckPoint commands
  • “Expert mode”: expert
  • System Persistent config: sysconfig
  • Check Point product configuration: cpconfig
  • Number of sessions and network statistics: fw ctl pstat
  • To see if tunnels are up: vpn tunnelutil
  • To fail a node: cphaprob -d STOP -s problem -t 0 register
  • To remove the “failure”: cphaprob -d STOP unregister
  • To see the status of the cluster: cphaprob state
  • To see the status of the VIPs: cphaprob –a if
  • To see the NAT VIPs: fw ctl arp
  • To see what is going on in the network kernel: fw monitor
  • To configure dynamic routing: router

To sniff traffic:

fw monitor -e "accept dport=22 and src=192.168.0.2;"
fw monitor -e "accept net(172.27.0.0,16)"
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License