Arun_Kumar
Explorer

Delete a specific connection entry in Checkpoint Gateway

Hi Guys,

I want to find stale entries in the connection table on a Checkpoint gateway and delete a specific entry from the table.

I got some script over the internet but that is not certified with Checkpoint so do want to try directly.

Thanks!

Arun Kumar

2 Replies
Alisson_Lima
Contributor

Hi Arun Kumar,

I recommend you follow SK103876, but calculating the HEX numbers of connections is stressful. Kaspars Zibarts wrote an excellent article here about a good method to do it:

How to manually delete an entry from the Connections Table 

Regards,

Alisson Lima

0 Kudos
Daniel_Betancou
Employee

There are no out-of-state entries in the connection table. The security gateway does not store them; for example, if you are under a DDoS attack, millions of ACKs will arrive at the gateway but none of them will be saved in the connection table, for obvious reasons.

You can delete a specific entry with the command below; however, it is not recommended in production environments:

fw tab -t connections -x -e <5-tuple in HEX>

Example :
fw tab -t connections -x -e  0000020,ad1e2f98,0000cb08,ab1aa870,0000470c,00000006 

To see your connection table:
#fw tab -t 8158

After the connection is deleted, you will have some out-of-state drops until the connection is established once again.


0 Kudos
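
Added example, not part of the replies above and not Check Point's own tooling: a shell helper that converts a decimal connection tuple into the comma-separated hex key used by the fw tab -t connections -x -e command in the reply above, and prints the command for review without running it. The function names are hypothetical; the meaning of the first field (direction, 0 = inbound, 1 = outbound) and the 8-digit zero padding are assumptions.

```shell
#!/bin/sh
# Added example: build the hex key for `fw tab -t connections -x -e`.
# It only prints the command for review; it never runs fw itself.

# ip_to_hex A.B.C.D -> 8 hex digits; fails on anything but a dotted quad.
ip_to_hex() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject leading zeros (printf would read them as octal) and >3 digits.
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%02x%02x%02x%02x' "$1" "$2" "$3" "$4"
}

# num_to_hex VALUE MAX -> VALUE as 8 zero-padded hex digits, if 0 <= VALUE <= MAX.
num_to_hex() {
    case "$1" in ""|*[!0-9]*|0?*|??????*) return 1 ;; esac
    [ "$1" -le "$2" ] || return 1
    printf '%08x' "$1"
}

# conn_key DIRECTION SRC_IP SRC_PORT DST_IP DST_PORT IP_PROTO
# DIRECTION (0 = inbound, 1 = outbound) is an assumption about the first key field.
conn_key() {
    [ "$#" -eq 6 ] || return 1
    k_dir=$(num_to_hex "$1" 1) || return 1
    k_src=$(ip_to_hex "$2") || return 1
    k_sport=$(num_to_hex "$3" 65535) || return 1
    k_dst=$(ip_to_hex "$4") || return 1
    k_dport=$(num_to_hex "$5" 65535) || return 1
    k_proto=$(num_to_hex "$6" 255) || return 1
    printf '%s,%s,%s,%s,%s,%s\n' \
        "$k_dir" "$k_src" "$k_sport" "$k_dst" "$k_dport" "$k_proto"
}

# Constructed input: the decimal form of the hex fields in the example command above.
echo "fw tab -t connections -x -e $(conn_key 0 173.30.47.152 51976 171.26.168.112 18188 6)"
```

Invalid input (an octet above 255, a port above 65535, a short address) makes conn_key return non-zero, so a malformed key is never printed.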
