Monday, July 31, 2017

Basic firewall information gathering

arp -a
ifconfig -a
route -n
netstat -an
cphaprob list
cphaprob stat
cphaprob if
cphaprob -a if
cphaconf show_bond -a
fw ctl iflist
cplic print
cpwd_admin list
fw stat
fw ver
fw ctl arp
fw tab -t connections -s


Basic firewall information gathering
fw ver ---Check FW-1/VPN-1 major and minor version as well as build number and latest installed hotfix.
fwm ver ---Check management module major and minor version as well as build number and latest installed hotfix.
vpn ver ---Check VPN-1 major and minor version as well as build number and latest installed hotfix. Use the switch -k for additional kernel version.
cpshared_ver ---Show the version of the SVN Foundation.
fw stat ---Show the name of the currently installed policy as well as a brief interface list. Can be used with the -long or -short switch for more information.
cpwd_admin list ---Display process information about CP processes monitored by the CP WatchDog.
fw ctl iflist ---Display interface list.
fw ctl arp [-n] ---Display proxy arp table. -n disables name resolution.
fw ctl pstat ---Display internal statistics including information about memory, inspect, connections and NAT.
fw ctl chain ---Displays in and out chain of CP Modules. Useful for placing fw monitor into the chain with the
fw ctl zdebug drop ---Real time listing of dropped packets.
cp_conf sic state ---Display current SIC trust state.
cp_conf lic get ---View licenses.
cp_conf finger get ---Display fingerprint on the management module.
cp_conf client get ---Display GUI clients list.
cp_conf admin get ---Display admin accounts and permissions. Also fwm -p





cp_conf auto get all ---Display auto state of all products. Also works with fw1, fg1 and rm instead of all.
cpstat <app_flag> [-f flavour] ---Display status of the CP applications. The command has to be used with an application flag app_flag and an optional flavour. Issue cpstat without any options to see all possible application flags and corresponding flavours.

Examples:
cpstat fw -f policy ---Verbose policy info
cpstat fw -f sync ---Synchronisation statistics
cpstat os -f cpu ---CPU utilization statistics
cpstat os -f memory ---Memory usage info
cpstat os -f ifconfig ---Interface table
fgate stat ---Status and statistics of FloodGate-1.
fwaccel <stat|stats|conns> ---Status and statistics or connection table of SecureXL.
cpinfo -z -o <file> ---Create a compressed cpinfo file to open with the InfoView utility or to send to Check Point support.
fw hastat ---View HA state of local machine.
cphaprob state ---View HA state of all cluster members.
vpn overlap_encdom ---Show, if any, overlapping VPN domains.
fw tab -t <tbl> [-s] ---View kernel table contents. Make output short with -s switch. List all available tables with fw tab -s. E.g.
fw tab -t connections -s ---Connections table.
avsu_client [-app <app>] get_version ---Get local signature version and status of content security <app> where <app> can be "Edge AV", "URL Filtering" and "ICS". Without the -app <app> option "Anti Virus" is used by default.
avsu_client [-app <app>] fetch_remote -fi ---Check if signature for <app> is up-to-date. See previous command for the possible values of <app>.
show asset hardware ---View hw info like serial numbers in Nokia clish. See also ipsctl -a and cat /var/etc/.nvram.
info device ---View Edge Appliance information (hw, fwl, license..)
info computers ---List active devices behind Edge Appliance.