I.

T Services Checkpoint Firewall-1

Firewall Commands
The basic commands used for firewall administration. These commands are used only for
Unix platform.

fwm –a - Add a administrator

fwm –r - Delete an administrator
fwm -p - Display administrators list

fwstart - Start the firewall

fwstop - Stop the firewall

fw stat –long - Long stat list

fw stat –short - Short stat list

fw checklic - Check license details

fw printlic - Print current license details
fw printlic -p - Print current Firewall modules
fw putlic –o - Overwrite existing licenses (delete ones already installed)
fw putlic –k - Load license into kernel
fw lichosts - Display internal hosts

fw ver - Display version number

fw putkey - Install authenication key onto host

fw tab - Display contents of the inspect table

fw tab –s - As above but short list
fw tab -t <table> -u - Display current connections

fw exportlog –o <file> - Export current log file to ascii file

fw logswitch - Rotate current log file

fw kill –t - Kill firewall daemon

fw ctl ip_forwarding - control IP forwarding

fw ctl pstat - Display internal stats of Firewall
fw ctl install - Install hosts internal interfaces
fw ctl uninstall - Uninstall hosts internal interfaces

fw fetch <host> - Fetch security policy and install

fw gen <filename> - Generate a *.pf file from a *.W file

fw log -f - Tail the current log file

fw log -s <start> -e <end> - Retrieve logs between times

fw sam –i src <host> -t <time sec> - inhibit host (source) for number of secs
fw sam –C -i src <host> -t <time sec> - remove inhibit from sam database
Note: use fw tab to view blocked connections

firewall_commands.doc Page: 1