Fwd restart via CLI

From cpwiki.net
Revision as of 22:53, 15 November 2013 by Nighthawk

Check Point Professional Services

Problem

1) A firewall is logging locally. If a firewall is logging locally, then:
   A) No new logs are coming into the SmartCenter or CLM according to SmartView Tracker or the fw log command
   B) The $FWDIR/log/fw.log file is increasing in size on the firewall in question

2) There is no TCP log connection between the firewall fwd process and the log server / SmartCenter / CLM.

You should normally see an ESTABLISHED connection when running the following command on a firewall that is configured to log remotely.

[Expert@chkpfw]# netstat -an | grep ":257" | grep -v -E "LISTEN|127.0.0.1"
tcp        0      0 172.16.0.254:48956          192.168.1.100:257           ESTABLISHED 
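
The same check as a script, added here as an example and not part of the original wiki page: it matches the foreign-address column for port 257 exactly, where the plain grep ":257" would also match ports such as 2570. The function names and the sample netstat lines are constructed for illustration, and the column layout is assumed to be the Linux netstat format shown above.

```shell
#!/bin/sh
# Added example (not from the original page): classify the fwd logging
# state from `netstat -an` output read on stdin.
# Assumes Linux netstat columns: proto recv-q send-q local foreign state.

# Print the address of every remote log server that this firewall has an
# ESTABLISHED TCP connection to on foreign port 257, ignoring loopback.
log_peers() {
    awk '$1 ~ /^tcp/ && $6 == "ESTABLISHED" && $5 ~ /:257$/ && $5 !~ /^127\./ {
        sub(/:257$/, "", $5)
        print $5
    }'
}

# Print "remote" when a log connection exists, otherwise "local"
# (the symptom described in the Problem section).
logging_state() {
    peers=$(log_peers)
    if [ -n "$peers" ]; then
        echo "remote"
    else
        echo "local"
    fi
}

# Constructed sample: healthy firewall with a log connection to 192.168.1.100.
SAMPLE_OK='tcp        0      0 0.0.0.0:257                 0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:50112             127.0.0.1:257               ESTABLISHED
tcp        0      0 172.16.0.254:48956          192.168.1.100:257           ESTABLISHED'

# Constructed sample: connection attempt stuck in SYN_SENT, plus an unrelated
# connection from local port 2570 that a plain grep ":257" would match.
SAMPLE_DOWN='tcp        0      0 0.0.0.0:257                 0.0.0.0:*                   LISTEN
tcp        0      0 172.16.0.254:48957          192.168.1.100:257           SYN_SENT
tcp        0      0 172.16.0.254:2570           10.0.0.5:443                ESTABLISHED'

# On a live firewall: netstat -an | logging_state
```
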


Solution

command line fwd restart

stop/start commands

# cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"
# cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"