最近在学习checkpoint,可能陆续会有相关的文章贴上来和大家分享,请各位多多指点哦。
这里先贴上CLI Tools的学习笔记,讲的不对的地方请大家不吝赐教。
先介绍下CLI tools, CLI是Command Line Interface的缩写说白了CLI tools 就是checkpoint为系统管理员提供的命令行管理界面及一些命令。跟linux text界面的概念是一回事。
下面是相关命令介绍,附件有checkpoint expert mode CLI命令介绍的pdf文档,记得下载哦。
1.系统配置命令: sysconfig
登录checkpoint 命令行界面后之后在命令行中输入sysconfig,系统将进入以下界面
可以选择相应的选项做相关的配置。这些配置在web管理界面都是可以做的,这里就不详细介绍了。
2.进入专家模式:expert
登录checkpoint firewall之后在命令行中输入expert,输入expert密码,进入专家模式
进入专家模式后可使用如下命令:
tcpdum -i eth0 tcpdump命令选项: Usage: tcpdump [-adeflnNOpqRStuvxX] [ -c count ] [ -C file_size ] [ -F file ] [ -i interface ] [ -r file ] [ -s snaplen ] [ -T type ] [ -U user ] [ -w file ] [ -E algo:secret ] [ expression ] fw unloadlocal unload current policy on the gateway,and sets the gateway to the default policy。 fw stat the policy name will be displayed。 fw ver the gateway version is displayed。 fw --help 命令行帮助 [Expert@firewall]# fw --help Unknown command "--help" Usage: fw ver [-h] ... # Display version fw kill [-sig_no] procname # Send signal to a daemon fw putkey ... # Client server keys fw sam ... # Control sam server fw sam_policy ... # SAM policy editor fw fetch targets # Fetch last policy fw amw fetch # Fetch Anti Malware policy fw tab [-h] ... # Kernel tables content fw monitor [-h] ... # Monitor VPN-1/FW-1 traffic fw ctl [args] # Control kernel fw lichosts # Display protected hosts fw log [-h] ... # Display logs fw logswitch [-h target] [+|-][oldlog] # Create a new log file; # the old log is moved fw repairlog ... # Log index recreation fw mergefiles ... # log files merger fw lslogs ... # Remote machine log file list fw fetchlogs ... # Fetch logs from a remote host netstat -rn displays the routting table ifconfig 接口配置命令,具体看ifconfig -h cpstop 停止服务 cpstart 开启服务 cprestart 重启服务 adduser username To add the administrator deluser username To delete the administrator showusers show all user backup -f yourname_backup 创建备份 备份存储路径:/var/CPbackup/backups restore -f backupfilename 还原备份 必须在备份目录下
本文出自 “Centi.Linux” 博客,请务必保留此出处http://centilinux.blog.51cto.com/1454781/1008367
