Difference between revisions of "Fwd restart via CLI"
From cpwiki.net
(Created page with "command line fwd restart == stop/start commands == cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd" cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -...") |
(!) |
||
| Line 1: | Line 1: | ||
| − | command line fwd restart | + | |
| + | == Problem== | ||
| + | 1) A firewall is logging locally. If a firewall is logging locally, then... | ||
| + | A) No new logs are coming into the SmartCenter or CLM according to the SmartViewTracker or fw log command | ||
| + | B) The $FWDIR/log/fw.log file is increasing in size on the firewall in question | ||
| + | |||
| + | 2) There is not TCP log connection between the firewall fwd process and the log server / SmartCenter / CLM. | ||
| + | |||
| + | You should normally see an ESTABLISHED connection when running the following command on a firewall that is configured to log remotely. | ||
| + | [Expert@chkpfw]# '''netstat -an | grep ":257" | grep -v -E "LISTEN|127.0.0.1"''' | ||
| + | tcp 0 0 172.16.0.254:48956 192.168.1.100:257 ESTABLISHED | ||
| + | |||
| + | |||
| + | == Solution == | ||
| + | |||
| + | |||
| + | == command line fwd restart == | ||
| + | |||
== stop/start commands == | == stop/start commands == | ||
| − | cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd" | + | # cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd" |
| − | cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd" | + | |
| + | # cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd" | ||
| + | |||
| + | [[category:logging]] | ||
Revision as of 22:53, 15 November 2013
Contents |
Problem
1) A firewall is logging locally. If a firewall is logging locally, then... A) No new logs are coming into the SmartCenter or CLM according to the SmartViewTracker or fw log command B) The $FWDIR/log/fw.log file is increasing in size on the firewall in question
2) There is not TCP log connection between the firewall fwd process and the log server / SmartCenter / CLM.
You should normally see an ESTABLISHED connection when running the following command on a firewall that is configured to log remotely.
[Expert@chkpfw]# netstat -an | grep ":257" | grep -v -E "LISTEN|127.0.0.1" tcp 0 0 172.16.0.254:48956 192.168.1.100:257 ESTABLISHED
Solution
command line fwd restart
stop/start commands
# cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"
# cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"
