You are on page 1of 2

Checkpoint SPLAT QuickCommand

http://www.asupport.net/web4help/checkpoint_splat_quickcommand.htm

Show Checkpoint SPLAT Quick Command


Commonly Used Linux Command Sometimes, I do have problem remembering Linux commands when I'm on my console. I will list the most common Linux commands and also specific for Checkpoint fw running on SPLAT(Secure Platform). It's a bit odd how they short form it to SPLAT :) ls -l (to list the files) ls -lrt (list the files according the dates, the last line will be the latest file) df -h (to view the size of the disks created, if the disk is 100% utilized, you might experienced some problem, especially if you are running the fw management server) df -k (the same as above, instead of megabytes, it will show you the size in kilobytes) netstat -rn (to show the routing table of your device) ifconfig ( to show the list of available interfaces) if your Linux has the tcpdump features, (i think most are pre-installed) the commands to sniff the packets on specific interface are as below; # tcpdump -i -s 1500net 10.200.1.0/24 -w/var/tmp/xxw.pcap *the interface name is the interface sets on your device. If you want to filter based on the network address, you should put as above, if filter based on host, change it to 'host 10.200.1.1'. The -s 1500 indicate the normal 1500 size packet you want to capture. If you don't define 1500, the packets captured will show incomplete details. -w is used to save the files to a specific folder. By defining the file extension with .pcap, you'd be able to double click the file to open it via ethereal. trace route (to do normal trace route functions. In windows, you'll use tracert) ping (to check the response of the destination server) ssh (to ssh using a defined username) grep command can be used at the end of the normal commands to grab specific name you wish to search for. Example, in your routing table, you wish the routing at your interface eth3. You'll use below commands; netstat -rn | grep eth3 If you wish to display the routing table per page, use | more at the end of your command line. Example; netstat -rn | more ps -ef (to check the processes running and identify the process ids and also which are consuming the most RAM) snmpd service stat (to check the status of the snmpd daemon)

For specific Checkpoint command line, the most commonly used are; cphaprob stat ( to check the Checkpoint High Availability status) cpstart ( to start the checkpoint application) cpstop (to stop the checkpoint application) sysconfig (to enter the network setting on the SPLAT machine) cpconfig ( to enter the checkpoint setting)

1 of 2

05-Mar-12 00:39

Checkpoint SPLAT QuickCommand

http://www.asupport.net/web4help/checkpoint_splat_quickcommand.htm

New ones for Checkpoint firewall cplic print (print the license) cpstat (to check cp stats) cpstat -vs 3 fw -f policy (to check the stats on the firewall VID=3 based on the fw vsx)

Other stats finding command lines cpstat os -f all cpstat os -f cpu fw tab -s -t connections fw ctl cpstat

2 of 2

05-Mar-12 00:39