https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102065#M8005 <P>Haven’t seen and with NAT it’s a bit more complicated due to the fact some of the NAT isn’t handled by actual rules but rather as a result of object definition.</P> Sat, 14 Nov 2020 16:11:56 GMT PhoneBoy 2020-11-14T16:11:56Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102060#M8003 <P><STRONG>fw up_execute</STRONG> can be run on the gateway to find a matching Network policy rule in the live policy like this:</P> <DIV id="tinyMceEditorTimothy_Hall_0" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="up_execute.png" style="width: 874px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/8935i8C13FB0A4A42119D/image-size/large?v=v2&amp;px=999" role="button" title="up_execute.png" alt="up_execute.png" /></span></P> <P>&nbsp;</P> <P>Is there an equivalent CLI utility to find a matching NAT policy rule on the live gateway?&nbsp; I'm aware that Packet Mode searches can be executed against the NAT policy in the SmartConsole, but I'm looking for a CLI utility on the gateway itself.&nbsp; Thanks!</P> <P>&nbsp; &nbsp;&nbsp;</P> Sat, 14 Nov 2020 13:35:54 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102060#M8003 Timothy_Hall 2020-11-14T13:35:54Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102065#M8005 <P>Haven’t seen and with NAT it’s a bit more complicated due to the fact some of the NAT isn’t handled by actual rules but rather as a result of object definition.</P> Sat, 14 Nov 2020 16:11:56 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102065#M8005 PhoneBoy 2020-11-14T16:11:56Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102069#M8006 <P>Not even in R81?&nbsp; It seems like the NAT policy in that version is now acting more like a "real" policy layer, and allowing the use of Security Zones &amp; Dynamic Objects including Access Roles, as well as keeping hit counts.</P> Sun, 15 Nov 2020 00:15:09 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102069#M8006 Timothy_Hall 2020-11-15T00:15:09Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102101#M8007 <P>Perhaps there's a hidden flag for fw up_execute?</P> Mon, 16 Nov 2020 04:52:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/102101#M8007 PhoneBoy 2020-11-16T04:52:27Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/170560#M30895 <P>bump thread - this would be a useful feature</P> Tue, 07 Feb 2023 10:37:54 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/170560#M30895 Richard_Carson 2023-02-07T10:37:54Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/170606#M30896 <P>You can try searching the contents of the fwx_cache table which will hold the most recently hit NAT rules, see my post here:</P> <P><A href="https://community.checkpoint.com/t5/General-Topics/NAT-Cache-Table-Full/m-p/53547/highlight/true#M10689" target="_blank">https://community.checkpoint.com/t5/General-Topics/NAT-Cache-Table-Full/m-p/53547/highlight/true#M10689</A></P> <P>&nbsp;</P> <P>here is another helpful tool as well:</P> <H2><FONT size="4"><A id="link_25" title="showtable.sh - it shows statistics of the connections, fxw_cache and sam_blocked_ips tables" href="https://community.checkpoint.com/t5/API-CLI-Discussion/showtable-sh-it-shows-statistics-of-the-connections-fxw-cache/m-p/38974?search-action-id=58581607297&amp;search-result-uid=38974" target="_self">showtable.sh - it shows statistics of the connecti...</A></FONT></H2> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 07 Feb 2023 15:11:59 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/fw-up-execute-Equivalent-for-NAT-Rule-Matches/m-p/170606#M30896 Timothy_Hall 2023-02-07T15:11:59Z