NamE Avyd
Avyd
/ CheckPoint_Firewall_CLI_Commands
Created
July 22, 2014 13:46
CheckPoint_Firewall_CLI_Commands
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| fw ver | |
| fw lslogs # List log files | |
| fw ctl iflist # Interface list | |
| fw ctl pstat # Kernel memory and connections | |
| fw log -c drop # Show dropped connections | |
| fw log -f # Tail logs | |
| fw stat -l # Show flow (policy, drop, accept..etc) | |
| fw monitor -e 'accept host(10.1.1.1);' | |
| fw monitor -e 'accept host(10.1.1.1) and dst=10.1.1.2;' | |
| fw monitor -e 'accept host(1.1.1.1) and host(2.2.2.2) and not ping;' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Cisco ASA dumping | |
| access-list whatever permit ip 192.168.12.0 255.255.255.0 any | |
| access-list whatever permit ip any 192.168.12.0 255.255.255.0 | |
| capture whatever access-l whatever circular-buffer interface outside buffer 64000 real-time | |
| # Remove ACL and stop capture | |
| no access-list whatever permit ip 192.168.12.0 255.255.255.0 any | |
| no access-list whatever permit ip any 192.168.12.0 255.255.255.0 | |
| no capture whatever |
OlderNewer