Difference between revisions of "fw tab - Check Point man page"
From cpwiki.net
(Created page with "== fw tab == == Description == The fw tab command enables you to view kernel table contents and change them (that is, only dynamic tables since the content of a static table ...") |
|||
| Line 15: | Line 15: | ||
!Description | !Description | ||
|- | |- | ||
| − | | -t table | + | | -t <nowiki> <table> </nowiki> |
| Specifies a table for the command. | | Specifies a table for the command. | ||
|- | |- | ||
| Line 45: | Line 45: | ||
|} | |} | ||
| − | Example | + | |
| + | == Example == | ||
fw tab -t <table-name> -a -e "1,2;3,4,5" or | fw tab -t <table-name> -a -e "1,2;3,4,5" or | ||
| − | fw tab -t <table-name> -a -e "<1,2;3,4,5>" | + | fw tab -t <table-name> -a -e "<1,2;3,4,5>" |
Adds an entry: <00000001,00000002,00000003,00000004,00000005,>to<table-name> | Adds an entry: <00000001,00000002,00000003,00000004,00000005,>to<table-name> | ||
| − | fw tab -t <table-name> -a -e "1,2," or | + | fw tab -t <table-name> -a -e "1,2," or |
| − | fw tab -t <table-name> -a -e "<1,2>" | + | fw tab -t <table-name> -a -e "<1,2>" |
Adds an entry with only a key field: <00000001,00000002> | Adds an entry with only a key field: <00000001,00000002> | ||
| + | |||
If table<table-name> contains the following<0000000,00000001,00000002> | If table<table-name> contains the following<0000000,00000001,00000002> | ||
entry: | entry: | ||
| + | |||
| + | <0000000,00000001,00000002> | ||
| + | |||
| + | fwtab-t<table-name>-x-e"0,1" or | ||
| + | fwtab-t<table-name>-x-e"0,1;2" | ||
| + | |||
| + | Removes the entry from the specified table. | ||
| + | |||
| + | == | ||
| + | Comments == | ||
| + | |||
| + | If table has the 'expire' attribute, entries added using the -a flag will receive the default table | ||
| + | timeout. | ||
| + | |||
| + | This feature only works on local machine kernel tables and does not work on a remote machine's tables like | ||
| + | additional fw tab commands. | ||
| + | |||
| + | The -x flag can be used independently of the -e flag in which case the entire table content is deleted. | ||
| + | |||
| + | This feature should only be used for debug purposes. It is not advisable to arbitrarily change the content of | ||
| + | any kernel table since doing so may have unexpected results including unexpected security and connectivity | ||
| + | impacts. | ||
Revision as of 18:10, 28 February 2014
Contents |
fw tab
Description
The fw tab command enables you to view kernel table contents and change them (that is,
only dynamic tables since the content of a static table is indeed static).
Usage
fw tab [-t| Argument | Description |
|---|---|
| -t <table> | Specifies a table for the command. |
| -s | Displays a short summary of the table (s) information. |
| -y | Specifies to not prompt a user before executing any commands. |
| -f | Displays a formatted version of the table content. Every table may
have its own specific format style. |
| -o <filename> | Dumps CL formatted output to filename, which can later be read by fw log or any other entity that can read FW log formats. |
| -c | Displays formatted table information in common format. |
| -r | Resolves IP addresses in formatted output. |
| -x, -a, -e | It is possible to add or remove an entry from an existing dynamic table by using the -a or the -x flags, respectively. These flags must be followed by the -e flag and an entry description (<entry>).
Caution - Improper use of the -a and -x flags may cause system instability. |
| [hostname] | A list of one or more targets. When not used, the local machine is used as the default target. |
