fw tab - Check Point man page

From cpwiki.net

fw tab

Description

The fw tab command displays the contents of kernel tables and lets you change them. Only dynamic tables can be changed; the content of a static table is fixed.

Usage

fw tab [-t <table>] [-s] [-c] [-f] [-o <filename>] [-r] [-u | -m <maxvals>] [[-x | -a] -e entry] [-y] [hostname]

Syntax

Argument        Description
-t <table>      Specifies a table for the command.
-s              Displays a short summary of the table(s) information.
-y              Specifies to not prompt a user before executing any commands.
-f              Displays a formatted version of the table content. Every table may have its own specific format style.
-o <filename>   Dumps CL formatted output to filename, which can later be read by fw log or any other entity that can read FW log formats.
-c              Displays formatted table information in common format.
-r              Resolves IP addresses in formatted output.
-x, -a, -e      It is possible to add or remove an entry from an existing dynamic table by using the -a or the -x flags, respectively. These flags must be followed by the -e flag and an entry description (<entry>).
                Caution - Improper use of the -a and -x flags may cause system instability.
[hostname]      A list of one or more targets. When not used, the local machine is used as the default target.

Example

# fw tab -t <table-name> -a -e "1,2;3,4,5"

or

# fw tab -t <table-name> -a -e "<1,2;3,4,5>"

Adds an entry: <00000001,00000002,00000003,00000004,00000005,> to <table-name>

# fw tab -t <table-name> -a -e "1,2,"

or

# fw tab -t <table-name> -a -e "<1,2>"

Adds an entry with only a key field: <00000001,00000002>

If table <table-name> contains the following entry:

<0000000,00000001,00000002>

# fw tab -t <table-name> -x -e "0,1"

or

# fw tab -t <table-name> -x -e "0,1;2"

Removes the entry from the specified table.

Comments

If the table has the 'expire' attribute, entries added using the -a flag will receive the default table timeout.

This feature works only on the local machine's kernel tables. Unlike other fw tab commands, it does not work on a remote machine's tables.

The -x flag can be used independently of the -e flag, in which case the entire table content is deleted.

This feature should only be used for debug purposes. It is not advisable to arbitrarily change the content of any kernel table, since doing so may have unexpected results, including unexpected security and connectivity impacts.
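
A pre-flight check built from the rules above, as an added example (not Check Point's or this page's own code): it inspects an fw tab argument list before anything runs and refuses changes that would flush a whole table, target a remote host, or skip the prompt. The names fwtab_check, safe_fw_tab and example_table are made up here, refusing -y on changes is a policy choice of this example, and only the options listed on this page are recognised.

```shell
#!/bin/sh
# Added example: validate fw tab arguments without running fw.
# Prints "read-only" or "modify" and returns 0 when the call is acceptable;
# prints a reason on stderr and returns 1 when it is refused.
fwtab_check() {
    table="" entry="" add=0 del=0 noprompt=0 hosts=""
    while [ $# -gt 0 ]; do
        case "$1" in
            -t|-e|-o|-m)                      # options that take a value
                [ $# -ge 2 ] || { echo "refused: $1 needs a value" >&2; return 1; }
                case "$1" in -t) table=$2 ;; -e) entry=$2 ;; esac
                shift ;;
            -a) add=1 ;;
            -x) del=1 ;;
            -y) noprompt=1 ;;
            -s|-c|-f|-r|-u) ;;                # display-only switches
            -*) echo "refused: option $1 is not in the documented usage" >&2; return 1 ;;
            *)  hosts="$hosts $1" ;;          # anything else is a target host
        esac
        shift
    done
    if [ "$add" -eq 0 ] && [ "$del" -eq 0 ]; then
        echo "read-only"; return 0
    fi
    if [ -z "$table" ]; then
        echo "refused: -a/-x without -t <table>" >&2; return 1
    fi
    if [ -z "$entry" ]; then                  # -x alone deletes the entire table
        echo "refused: -a/-x without -e <entry>" >&2; return 1
    fi
    if [ -n "$hosts" ]; then                  # changes only work on local tables
        echo "refused: -a/-x with a remote target:$hosts" >&2; return 1
    fi
    if [ "$noprompt" -eq 1 ]; then            # policy of this example, not of fw tab
        echo "refused: -y suppresses the prompt on a table change" >&2; return 1
    fi
    echo "modify"; return 0
}

# Hypothetical wrapper: run fw tab only when the check passes.
safe_fw_tab() {
    fwtab_check "$@" >/dev/null && fw tab "$@"
}
```

Calling safe_fw_tab -t example_table -x prints the refusal and never reaches fw, while safe_fw_tab -t example_table -s is passed through unchanged.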