Checkpoint Firewall Cheat Sheet

The basic commands used for firewall administration. These commands are used only for the Unix platform.

Add a administrator fwm a
Delete an administrator fwm r
Display administrators list fwm -p
Start the firewall fwstart
Stop the firewall fwstop
Long stat list fw stat -long
Short stat list fw stat -short
Check license details fw checklic
Print current license details fw printlic
Print current Firewall modules fw printlic -p
Overwrite existing licenses (delete ones already installed) fw putlic o
Load license into kernel fw putlic k
Display internal hosts fw lichosts
Display version number fw ver
Install authenication key onto host fw putkey
Display contents of the inspect table fw tab
As above but short list fw tab s
Display current connections fw tab -t -u
Export current log file to ascii file fw exportlog o
Rotate current log file fw logswitch
Kill firewall daemon fw kill t
control IP forwarding fw ctl ip_forwarding
Display internal stats of Firewall fw ctl pstat
Install hosts internal interfaces fw ctl install
Uninstall hosts internal interfaces fw ctl uninstall
Fetch security policy and install fw fetch
Generate a *.pf file from a *.W file fw gen
Tail the current log file fw log -f
Retrieve logs between times fw log -s -e
inhibit host (source) for number of secs fw sam i src -t
remove inhibit from sam database fw sam C -i src -t
use fw tab to view blocked connections Note