http://www.cpwiki.net/index.php?action=history&feed=atom&title=Useful_firewall_one_liners 2026-04-29T09:55:49Z Revision history for this page on the wiki MediaWiki 1.21.10 http://www.cpwiki.net/index.php?title=Useful_firewall_one_liners&diff=162&oldid=prev 2013-07-10T16:00:08Z

<p>Pushed from Themanclub.</p> <p><b>New page</b></p><div><br /> == state sync sent/rec packets check ==<br /> fw ctl pstat | grep -A 1 &quot;Sync p&quot; | awk '{print $1,$2,$3}' <br /> <br /> fw ctl pstat | grep -A 1 &quot;Sync packets sent&quot; | grep total | awk '{print $3}' | awk -F , '{print $1}'<br /> <br /> fw ctl pstat | grep -A 1 &quot;Sync packets received&quot; | grep total | awk '{print $3}' | awk -F , '{print $1}'<br /> <br /> <br /> == VRRP ==<br /> get VRIDs<br /> clish -c &quot;show vrrp interfaces&quot; | grep VRID | tr -d '\n' ; echo &quot;&quot;<br /> <br /> == nokia validation ==<br /> <br /> '''Interfaces'''<br /> ssh -l username desthostname &quot;/bin/ifconfig -a | grep broadcast | grep -v vrrpmac&quot; | awk '{ i = NF-2; print $i }'<br /> <br /> '''Routes on ipso 6.x (remote command from jumpbox)'''<br /> ssh -l username firewall_name &quot;netstat -rn | grep user | sort -n&quot; | awk '{print $1, $4,$8}' <br /> '''Route on ipso 4.x'''<br /> ssh -l username firewall_name &quot;netstat -rn | grep iCSU | sort -n&quot; | awk '{print $1, $2,$6}' <br /> <br /> '''routes '''<br /> cat /config/active | grep &quot;default:gateway:address&quot;<br /> <br /> '''grab active interfaces only'''<br /> clish -c &quot;show interfaces&quot; | grep -B 1 On | grep Interface|awk '{print $3}'<br /> <br /> grab active interfaces and produce clish commands for '''logical interface''' stats<br /> clish -c &quot;show interfaces&quot; | grep -B 1 On | grep Interface | grep -v loop | grep -v Tunnel | awk '{print &quot;clish -c \&quot;show interface &quot;$3, &quot;statistics\&quot; |grep -C 1 Bytes;&quot;}'<br /> <br /> grab active interfaces and produce clish commands for '''physical interface''' stats unfiltered<br /> clish -c &quot;show interfaces&quot; | grep -B 1 Up | grep Interface | grep -v loop | grep -v Tunnel | awk '{print &quot;clish -c \&quot;show interface &quot;$3, &quot;statistics\&quot; ;&quot;}' <br /> error check<br /> clish -c &quot;show interfaces&quot; | grep -B 1 Up | grep Interface | grep -v loop | grep -v Tunnel | awk '{print &quot;clish -c \&quot;show interface &quot;$3, &quot;statistics\&quot; |grep -A 3 Errors;&quot;}'<br /> <br /> '''VRRP verfication'''<br /> vrrp pre-upgrade recon<br /> script that looks for any foreign vrrp advertisement<br /> <br /> ???<br /> <br /> == MDS commands ==<br /> <br /> Customer list - useful for determining mdscmd startcma/stopcma first parameter (not given by mdsstat)<br /> mdsquerydb Customers<br /> '''<br /> list firewall logs, sorted with backslash for copy/paste into gzip command'''<br /> # '''ls -t *.log |awk '{print $1,&quot;\\&quot;}'|sort -n|more'''<br /> <br /> <br /> [[category:check point]]</div>

Nighthawk