application , compliances , firewalls , networking , security

Notes: Secure Platform – Splat – Operating System Specific

May 26, 2012

Secure Platform – Splat – Operating System Specific Notes:

ifconfig –a or ifconfig <interface name>

Display the status of the currently active interfaces 

uname -a

Prints information about the current system on the standard output 

netstat – nr

Display kernel routing table 

top

Display real-time statistics, system summary information and tasks 

netstat –i

Display interface in / out / error / drop packets statistics 

uptime

Display the time since last reboot 

vmstat or vmstat <time interval in sec> 

/bin/data

Display current system date and time 

ping <ip address>

Check if the firewall has connectivity 

df – kh

Report file system disk usage 

mount /mnt/cdrom

Mount a cdrom 

ethtool <interface>

Check interface speed / duplex and connectivity 

dmesg or dmesg | more

Display last output of the console 

tail – 100 / var/log/messages or tail –f /var/log/messages (view in realtime) 

free

Display amount of free and used memory in the system 

cat /proc/interrupts

Verify how interfaces are balanced across the different IRQ’s 

modprobe usb-storage; mount <device> <mount point>

Mount a USB device

grep admin / etc/scpusers | wc –1

echo admin >> /etc/scpusers 

swapon –s

Display swap usage summary 

shutdown

Shutdown a SPLAT box 

ip route add <x.x.x.x> via <gw> ; /bin/save_route –save (to make it permanent)

Add a static route 

ip route del <x.x.x.x> via <gw> ; /bin/save_route –save (to make it permanent)

Delete a static route 

arp –an

Show arp entries 

ip route get <x.x.x.x>

Check which route a certain IP will take 

Shows the machines serial number

/usr/sbin/dmidecode | awk –F” : “ ‘  

fw ver

View installed firewall version 

fw stat

View last policy installed on the gateway 

cplic printlic

Display CheckPoint licences installed 

fwaccel stat

Verify SecureXL is enabled 

cpd_sched_config_print

Verify NTPD is enabled 

cpstop ; cpstart

Restarting the firewall processes 

cat $FWDIR/conf/discntd.if

Firewall unused cluster interfaces are defined 

cphaconf debug_data

Verify the cluster MAC addresses of the cluster interfaces

cphaprobe stats

Show the cluster status 

fw ctl get int fw_salloc_total_alloc_limit

Shows the FW kernel memory usage 

fw tab –t connections –s (show) ; fw tab –t connections –x

Shows and clears the FW connections table 

cphaprob –I list

List all monitored processes 

cphaprob –a if

List health of CCP protocol and cluster monitoring (run on both) 

fw ctl multik stat

Verify CoreXL is enabled and display multi-kernal statistics