hit counter

From cpwiki.net
Jump to: navigation, search
Check Point Profressional Services


Prerequisites for hit counter functionality

Global Properties that must be enabled

CLI to query(must be in CMA environment on an MDM) 

# cpmiquerybin object "" properties "name='firewall_properties'" | grep -i enable_hit_count 
:enable_hit_count (1)



# cpmiquerybin object "" properties "name='firewall_properties'" | grep rulebase_uids_in_log
:rulebase_uids_in_log (true)


max table size (on fw gateways)

hit counter fw module max table size

sk90040 

fw ctl get int fw_rules_uid_max_dic_entries

fw ctl set int fw_rules_uid_max_dic_entries VALUE

for surviving reboot... Changing the kernel global parameters for Check Point Security Gateway

Retrieved from "http://www.cpwiki.net/index.php?title=hit_counter&oldid=689"