Checkpoint Serial Number, Mac Address
There are several ways to get Checkpoint serial number, mac address and model in order to either open a case with support or to get the information for archive purpose.
First thing is the serial number. In order to get the serial number of the Checkpoint device, one can go to the expert mode of checkpoint (login to ssh -> type ‘expert’) and type following command:
- dmiparse | grep ‘Product Name’ -> to get the model of the checkpoint device
- dmiparse | grep ‘Serial Number’ -> to get the serial number
- ifconfig -a | grep ‘HWaddr’ -> to get the mac address (usually Mgmt port is used)
- cplic print is also useful to get the list of the device mac address
Security Gateway
| CLISH Command | Equivalent "Expert" Command |
| show security-gateway policy | fw stat |
| show security-gateway policy summary | fw stat -s |
| show security-gateway policy details | fw stat -l |
| show security-gateway version | fw ver |
| show security-gateway memory statistics | fw ctl pstat |
| show security-gateway arp-table | fw ctl arp -n |
| show security-gateway arp-table resolved | fw ctl arp |
| show security-gateway affinity | fw ctl affinity -l -v -a |
| show security-gateway affinity cpu-ordered | fw ctl affinity -l -r -v -a |
| show security-gateway affinity statistics | fw ctl multik stat |
| show security-gateway monitored-interfaces | fw getifs |
| show security-gateway monitored-interfaces all | fw ctl iflist |
| show security-gateway parameter integer VALUE | fw ctl get int VALUE |
| show security-gateway parameter string VALUE | fw ctl get str VALUE |
| show security-gateway log-files | fw lslogs |
| show security-gateway tables | fw tab -s |
| show security-gateway tables search VALUE | fw tab -s | grep -i VALUE |
| show security-gateway table VALUE | fw tab -t VALUE |
| show security-gateway table VALUE summary | fw tab -t VALUE -s |
| show security-gateway table VALUE formatted | fw tab -t VALUE -f |
| show security-gateway ips status | ips stat |
Acceleration
| CLISH Command | Equivalent "Expert" Command |
| show securexl status | fwaccel stat |
| show securexl statistics | fwaccel stats |
| show securexl connections | fwaccel conns |
| show securexl version | fwaccel ver |
| *show multi-queue affinity | cpmq get -a |
| *show multi-queue driver-type VALUE | cpmq get rx_num VALUE |
Note: These commands are supported for kernel 2.6.18 Gateways only (R80.10, R80.20 and R80.30 2.6.18 Gateways).
System
| CLISH Command | Equivalent "Expert" Command |
| show system services run-level | chkconfig --list |
| show system service VALUE run-level | chkconfig --list VALUE |
| show system init-services | service --status-all |
| show system init-service VALUE | service VALUE status |
| show system disk usage | df -h |
| show system disk hw-raid status | raidconfig status |
| show system disk sw-raid status | raid_diagnostic |
| show system dmi-table | dmidecode | more |
| show system dmi-table search VALUE | dmidecode | grep -i VALUE | more |
| show installer cpinfo | cpinfo -y all |
| show file VALUE | more VALUE |
| show file VALUE search VALUE | cat VALUE | grep -i VALUE | more |
| show users-access-log | last -a |
Monitoring
| CLISH Command | Equivalent "Expert" Command |
| show syslog logs | cat /var/log/messages | more |
| show syslog logs search VALUE | cat /var/log/messages | grep -i VALUE | more |
| show syslog logs monitor | tail -f /var/log/messages |
| show syslog dmesg | dmesg | more |
| show syslog dmesg search VALUE | dmesg | grep -i VALUE | more |
Interfaces
| CLISH Command | Equivalent "Expert" Command |
| show interface VALUE features | ethtool -k VALUE |
| show interface VALUE driver-information | ethtool -i VALUE |
| show interface VALUE coalesce | ethtool -c VALUE |
| show interface VALUE pause-parameter | ethtool -a VALUE |
| show interface VALUE stats | ethtool -S VALUE |
Licensing
| CLISH Command | Equivalent "Expert" Command |
| show license status | cplic print -x |
| show license feature VALUE | cplic check VALUE |
