HOWTO: Change Postfix configuration for Threat Emulation MTA

How to change Postfix configuration for Threat Emulation MTA Solution ID sk109699 Product Threat Emulation, Threat Extraction, Anti-Spam Version R77, R77.10, R77.20, R77.30, R80.10   Procedure: Connect to command line on Security Gateway (over SSH, or console). Log in to Expert mode. Create the $FWDIR/conf/mta_postfix_options.cf file:[[email protected]]# touch $FWDIR/conf/mta_postfix_options.cf Edit the $FWDIR/conf/mta_postfix_options.cf file:[[email protected]]# vi $FWDIR/conf/mta_postfix_options.cf Add the desired…

Read More

Check Point Firewall – Connection Table Analysis

# fw tab -t connections -u > /var/log/connstat_Connections_Table.txt C:\Users\Windows7\Desktop>connStat.exe -help Usage: connStat -f [-a|-c|-s|-r|-l|-p|-d|-n ] -a Show all flags -c Connection state info -s Top X Services used -r Top X Rule used -l Top X Least Used Rules -d Top Clients and Servers -i Interfaces connection directions -p Top Protocols -n Specify X C:\Users\Windows7\Desktop>connStat.exe…

Read More

HOWTO: Check Point upgrade R77.x to R80.10

Pre-R80 Management Server Migration Tool – sk108623 – Download Target Version and Products: [[email protected]:0]# ./pre_upgrade_verifier –help This is Check Point Pre-Upgrade Verifier for version R80. Usage: pre_upgrade_verifier -p SecurityManagementPath -c CurrentVersion -t TargetVersion [-u | -a][-f FileName] [-w] Or: pre_upgrade_verifier -p SecurityManagementPath -c CurrentVersion -i [-f FileName] [-w] -p Path of the installed Security Management…

Read More

HOWTO: Debug Policy Verification

Solution Follow these steps: Connect to command line on Security Management Server / Multi-Domain Security Management Server. Log in to Expert mode. On Multi-Domain Security Management Server, switch to the context of the relevant Domain Management Server: [[email protected]:0]# mdsenv Start the debug of FWM daemon: [[email protected]:0]# fw debug fwm on TDERROR_ALL_ALL=5 [[email protected]:0]# fw debug fwm…

Read More

How to send Check Point Tracker Logs to External Syslog Server

Add following line at the end. Please note this is a single line command so add it appropriately. If required just type it manually [email protected]#: fw log -f -t -n -l 2> /dev/null | awk ‘NF’ | sed ‘/^$/d’ | logger -p local4.info -t CP_FireWall & Permanently; [email protected]#: cp /etc/rc.d/init.d/cpboot /etc/rc.d/init.d/cpboot.ORG Edit cpboot file; [email protected]#:…

Read More