This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
the_rock
MVP Diamond
MVP Diamond
‎2026-01-15 05:14 AM

FW health/HA/Internet connectivity scripts

Hey guys,

I put together scripts I ran in the lab that show some useful info about fw health/ha/internet connectivity. Might be useful to some people. I attached it here, as well as output I got. You should just run dos2unix on it first, then chmod 777

output in my lab:

[Expert@CP-GW:0]# ./health.sh
Check Point Firewall Health Snapshot
Host: CP-GW
Time: Thu Jan 15 08:09:19 EST 2026
Full mode: 0
Report: /var/log/cp_fw_health_CP-GW_20260115_080919.txt


==============================================================================
## 1) System / OS Overview
==============================================================================

### Gaia uptime (clish)
-> clish -c "show uptime"
------------------------------------------------------------------------------
16 days 23 hours 5 minutes

### Gaia version (clish)
-> clish -c "show version all"
------------------------------------------------------------------------------
Product version Check Point Gaia R82
OS build 777
OS kernel version 4.18.0-372.9.1cpx86_64
OS edition 64-bit

### Current top-level load
-> bash -lc echo "loadavg: $(cat /proc/loadavg 2>/dev/null)"; vmstat 1 2 | tail -1
------------------------------------------------------------------------------
loadavg: 5.55 2.22 0.92 1/707 29139
0 0 0 4271164 2228 4368792 0 0 0 0 3112 2153 0 0 99 0 0

==============================================================================
## 2) Disk / Memory / CPU (cpstat + OS tools)
==============================================================================

### cpstat os -f perf (CPU+Mem+Disk summary)
-> cpstat os -f perf
------------------------------------------------------------------------------

Total Virtual Memory (Bytes): 24700465152
Active Virtual Memory (Bytes): 8456867840
Total Real Memory (Bytes): 16110534656
Active Real Memory (Bytes): 8456867840
Free Real Memory (Bytes): 7653666816
Memory Swaps/Sec: -
Memory To Disk Transfers/Sec: -
CPU User Time (%): 2
CPU System Time (%): 2
CPU Idle Time (%): 96
CPU Usage (%): 4
CPU Queue Length: -
CPU Interrupts/Sec: 361
CPUs Number: 16
Disk Servicing Read\Write Requests Time: -
Disk Requests Queue: -
Disk Free Space (%): 74
Disk Total Free Space (Bytes): 39877296128
Disk Available Free Space (Bytes): 39877296128
Disk Total Space (Bytes): 53676605440


### cpstat os -f multi_disk (partition usage)
-> cpstat os -f multi_disk
------------------------------------------------------------------------------

 

Partitions space
-----------------------------------------------------------------------------------------------------------------
|Partition|Size (bytes)|Used (bytes)|Free total (bytes)|Free total (%)|Free available (bytes)|Free available (%)|
-----------------------------------------------------------------------------------------------------------------
|/ | 53676605440| 13799309312| 39877296128| 74| 39877296128| 74|
|/boot | 296236032| 40203264| 256032768| 86| 240304128| 81|
|/var/log | 53676605440| 10054348800| 43622256640| 81| 43622256640| 81|
-----------------------------------------------------------------------------------------------------------------

 

### cpstat os -f ifconfig (interface counters/errors)
-> cpstat os -f ifconfig
------------------------------------------------------------------------------

 

Interface configuration table
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|Name |Address |Mask |MTU |State|Mac Address |Description |IPv6 Address|IPv6 Len|RX Bytes |RX Drops|RX Errors|RX Packets|TX Bytes |TX Drops|TX Errors|TX Packets|
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|lo | 127.0.0.1| 255.0.0.0|65536| 1| |Not supported| ::| 0| 3139585377| 0| 0| 15592182| 3139585377| 0| 0| 15592182|
|eth0 |172.16.10.249| 255.255.255.0| 1500| 1|50-01-00-06-00-00|Not supported| ::| 0|55057186943| 313| 0| 247856086|22132141961| 0| 0| 241833752|
|eth1 | 2.3.4.5|255.255.255.248| 1500| 1|50-01-00-06-00-01|Not supported| ::| 0| 359414657| 313| 0| 2595905| 0| 0| 0| 0|
|eth2 |172.31.10.249| 255.255.255.0| 1500| 1|50-01-00-06-00-02|Not supported| ::| 0| 359414657| 313| 0| 2595905| 0| 0| 0| 0|
|eth2.100|172.31.11.249| 255.255.255.0| 1500| 1|50-01-00-06-00-02|Not supported| ::| 0| 0| 0| 0| 0| 0| 0| 0| 0|
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

### cpstat os -f routing (routes)
-> cpstat os -f routing
------------------------------------------------------------------------------

 

Routing table
---------------------------------------------------
|Destination|Mask |GateWay |Interface|
---------------------------------------------------
| 0.0.0.0| 0.0.0.0|172.16.10.1|eth0 |
| 2.3.4.0|255.255.255.248| 0.0.0.0|eth1 |
|172.16.10.0| 255.255.255.0| 0.0.0.0|eth0 |
|172.31.10.0| 255.255.255.0| 0.0.0.0|eth2 |
|172.31.11.0| 255.255.255.0| 0.0.0.0|eth2.100 |
---------------------------------------------------

 

### cpstat os -f sensors (hardware sensors if supported)
-> cpstat os -f sensors
------------------------------------------------------------------------------

 

Temperature Sensors
-----------------------------
|Name|Value|Unit|Type|Status|
-----------------------------
-----------------------------

 

Fan Speed Sensors
-----------------------------
|Name|Value|Unit|Type|Status|
-----------------------------
-----------------------------

 

Voltage Sensors
-----------------------------
|Name|Value|Unit|Type|Status|
-----------------------------
-----------------------------

 

### Filesystem usage (df -h)
-> df -h
------------------------------------------------------------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_splat-lv_current 50G 13G 38G 26% /
/dev/sda2 283M 39M 230M 15% /boot
/dev/mapper/vg_splat-lv_log 50G 9.4G 41G 19% /var/log
tmpfs 7.6G 30M 7.5G 1% /dev/shm
tmpfs 7.6G 0 7.6G 0% /dev/shm_huge
cgroup 7.6G 0 7.6G 0% /sys/fs/cgroup

### Memory usage (free -m)
-> free -m
------------------------------------------------------------------------------
total used free shared buff/cache available
Mem: 15364 6913 4182 41 4268 7310
Swap: 8191 0 8191

==============================================================================
## 3) Check Point Services / WatchDog
==============================================================================

### cpwd_admin list (all monitored processes)
-> cpwd_admin list
------------------------------------------------------------------------------
APP PID STAT #START START_TIME MON COMMAND
FWK_FORKER 12562 E 1 [09:05:11] 29/12/2025 N fwk_forker
FWK_WD 12571 E 1 [09:05:12] 29/12/2025 N fwk_wd -i 6 -i6 0
CPVIEWD 13131 E 1 [09:05:17] 29/12/2025 N cpviewd
CVIEWAPIS 13152 E 1 [09:05:17] 29/12/2025 N cpview_api_service
CPVIEWS 13157 E 1 [09:05:17] 29/12/2025 N cpview_services
SXL_STATD 13170 E 1 [09:05:17] 29/12/2025 N sxl_statd
MSGD 13202 E 1 [09:05:17] 29/12/2025 Y msgd
CPD 13289 E 1 [09:05:17] 29/12/2025 Y cpd
MPDAEMON 13300 E 1 [09:05:17] 29/12/2025 N mpdaemon /opt/CPshrd-R82/log/mpdaemon.elg /opt/CPshrd-R82/conf/mpdaemon.conf
TP_CONF_SERVICE 13338 E 1 [09:05:17] 29/12/2025 N tp_conf_service --conf=tp_conf.json --log=info
CI_CLEANUP 13486 E 1 [09:05:19] 29/12/2025 N avi_del_tmp_files
CIHS 13491 E 1 [09:05:19] 29/12/2025 N ci_http_server -j -f /opt/CPsuite-R82/fw1/conf/cihs.conf
FWD 13563 E 1 [09:05:19] 29/12/2025 N fwd
SPIKE_DETECTIVE 13591 E 1 [09:05:19] 29/12/2025 N spike_detective
LPD 14250 E 1 [09:05:24] 29/12/2025 N lpd
RAD 14269 E 1 [09:05:24] 29/12/2025 N rad
WSDNSD 15304 E 1 [09:06:28] 29/12/2025 Y wsdnsd
DLPU_0 15315 E 1 [09:06:28] 29/12/2025 Y dlpu -i4 0 1 -i6 -1 -1
DLPU_1 15318 E 1 [09:06:28] 29/12/2025 Y dlpu -i4 2 3 -i6 -1 -1
DLPU_2 15321 E 1 [09:06:28] 29/12/2025 Y dlpu -i4 4 5 -i6 -1 -1
TOPOD 15874 E 1 [09:06:35] 29/12/2025 Y topod
UPRD 15882 E 1 [09:06:35] 29/12/2025 Y uprd
MFDEMUXER 16022 E 1 [09:06:36] 29/12/2025 N /opt/CPcvpn-R82/bin/MoveFileDemuxer /opt/CPcvpn-R82/log/MFDemux.log /opt/CPcvpn-R82/conf/mfdemuxer.C
DBWRITER 16026 E 1 [09:06:36] 29/12/2025 N dbwriter /opt/CPcvpn-R82/log/dbwriter.elg /opt/CPcvpn-R82/conf/dbwriter.C
CVPNPROC 16034 E 1 [09:06:36] 29/12/2025 N cvpnproc /opt/CPcvpn-R82/log/cvpnproc.elg /opt/CPcvpn-R82/conf/cvpnproc.C
MFSERVER 16039 E 1 [09:06:36] 29/12/2025 N /opt/CPcvpn-R82/bin/MoveFileServer /opt/CPcvpn-R82/log/MFServer.log /opt/CPcvpn-R82/conf/mfserver.C
CVPNUMD 16043 E 1 [09:06:36] 29/12/2025 N /opt/CPcvpn-R82/bin/CvpnUMD
PINGER 16051 E 1 [09:06:36] 29/12/2025 N /opt/CPcvpn-R82/bin/Pinger /opt/CPcvpn-R82/log/Pinger.log /opt/CPcvpn-R82/conf/Pinger.C
IDLEPINGER 16054 E 1 [09:06:36] 29/12/2025 N /opt/CPcvpn-R82/bin/IdlePinger /opt/CPcvpn-R82/log/IdlePinger.log /opt/CPcvpn-R82/conf/IdlePinger.C
CVPNANALYTICS 16058 E 1 [09:06:36] 29/12/2025 N /opt/CPcvpn-R82/bin/CvpnAnalytics
CVPND 16070 E 1 [09:06:36] 29/12/2025 N cvpnd /opt/CPcvpn-R82/log/cvpnd.elg /opt/CPcvpn-R82/conf/cvpnd.C
GUACDISPATCHER 16094 E 1 [09:06:37] 29/12/2025 N /opt/CPcvpn-R82/bin/GuacDispatcher /opt/CPcvpn-R82/log/GuacDispatcher.log /opt/CPcvpn-R82/conf/GuacDispatcher.C
RTMD 23238 E 1 [09:08:52] 29/12/2025 N rtmd
DASERVICE 23313 E 1 [09:08:53] 29/12/2025 N DAService_script
AUTOUPDATER 23326 E 1 [09:08:53] 29/12/2025 N AutoUpdaterService.sh
PROBEMOND 23340 E 1 [09:08:53] 29/12/2025 N probemond

### cpwd_admin monitor_list (actively monitored processes)
-> cpwd_admin monitor_list
------------------------------------------------------------------------------
cpwd_admin:
APP FILE_NAME NO_MSG_TIMES LAST_MSG_TIME
MSGD MSGD_13202_5686.mntr 0/6 [08:09:05] 15/1/2026
CPD CPD_13289_5714.mntr 0/10 [08:08:15] 15/1/2026
WSDNSD WSDNSD_15304_12798.mntr 0/6 [08:09:05] 15/1/2026
dlpu dlpu_15321_12842.mntr 0/6 [08:09:16] 15/1/2026
dlpu dlpu_15318_12837.mntr 0/6 [08:09:14] 15/1/2026
dlpu dlpu_15315_12834.mntr 0/6 [08:09:16] 15/1/2026
vpnd vpnd_15797_13177.mntr 0/6 [08:08:47] 15/1/2026
vpnd vpnd_15799_13179.mntr 0/6 [08:09:15] 15/1/2026
vpnd vpnd_15801_13180.mntr 0/6 [08:09:13] 15/1/2026
vpnd vpnd_15803_13182.mntr 0/6 [08:09:12] 15/1/2026
TOPOD TOPOD_15874_13519.mntr 0/6 [08:09:07] 15/1/2026
UPRD UPRD_15882_13524.mntr 0/6 [08:09:07] 15/1/2026

==============================================================================
## 4) Firewall Policy / Interfaces / Performance
==============================================================================

### cpstat fw -f policy (policy name + install time)
-> cpstat fw -f policy
------------------------------------------------------------------------------

Product name: Firewall
Policy name: LAB-POLICY-Andy
Policy install time: Thu Jan 15 08:07:58 2026
Num. connections: 16
Peak num. connections: 522
Connections capacity limit: 0
Total accepted packets: 12292
Total dropped packets: 27924
Total rejected packets: 0
Total accepted bytes: 1501804
Total dropped bytes: 5919298
Total rejected bytes: 0
Total logged: 18


Interface table
-------------------------------------
|Name |Dir|Accept|Drop|Reject|Log|
-------------------------------------
|eth0 |in | 6147| 0| 0| 1|
|eth0 |out| 6137| 0| 0| 12|
|eth1 |in | 4| 0| 0| 0|
|eth1 |out| 0| 0| 0| 0|
|eth2 |in | 4| 0| 0| 0|
|eth2 |out| 0| 0| 0| 0|
|eth2.100|in | 0| 0| 0| 0|
|eth2.100|out| 0| 0| 0| 0|
-------------------------------------
| | | 12292| 0| 0| 13|
-------------------------------------

 

Interface table (64-bit)
-------------------------------------
|Name |Dir|Accept|Drop|Reject|Log|
-------------------------------------
|eth0 |in | 6147| 0| 0| 1|
|eth0 |out| 6137| 0| 0| 12|
|eth1 |in | 4| 0| 0| 0|
|eth1 |out| 0| 0| 0| 0|
|eth2 |in | 4| 0| 0| 0|
|eth2 |out| 0| 0| 0| 0|
|eth2.100|in | 0| 0| 0| 0|
|eth2.100|out| 0| 0| 0| 0|
-------------------------------------
| | | 12292| 0| 0| 13|
-------------------------------------

 

### cpstat fw -f interfaces (FW interface table)
-> cpstat fw -f interfaces
------------------------------------------------------------------------------

 

Network interfaces
-------------------------------------------------------------------------------------------------------------------------
|Name |IP |Netmask |Flags|Peer name|Remote IP|Topology|Proxy name|Slaves|Ports|IPv6 Address|IPv6 Len|
-------------------------------------------------------------------------------------------------------------------------
|eth0 |172.16.10.249| 255.255.255.0| 0| | 0.0.0.0| 4| | | | ::| 0|
|eth1 | 2.3.4.5|255.255.255.248| 0| | 0.0.0.0| 4| | | | ::| 0|
|eth2 |172.31.10.249| 255.255.255.0| 0| | 0.0.0.0| 4| | | | ::| 0|
|eth2.100|172.31.11.249| 255.255.255.0| 0| | 0.0.0.0| 4| | | | ::| 0|
-------------------------------------------------------------------------------------------------------------------------

 

### cpstat fw -f perf (FW performance view)
-> cpstat fw -f perf
------------------------------------------------------------------------------

Product name: Firewall
hmem - block size: 0
hmem - requested bytes: 0
hmem - initial allocated bytes: 0
hmem - initial allocated blocks: 0
hmem - initial allocated pools: 0
hmem - current allocated bytes: 0
hmem - current allocated blocks: 0
hmem - current allocated pools: 0
hmem - maximum bytes: 0
hmem - maximum pools: 0
hmem - bytes used: 0
hmem - blocks used: 0
hmem - bytes unused: 0
hmem - blocks unused: 0
hmem - bytes peak: 0
hmem - blocks peak: 0
hmem - bytes internal use: 0
hmem - number of items: 0
hmem - alloc operations: 0
hmem - free operations: 0
hmem - failed alloc: 0
hmem - failed free: 0
kmem - system physical mem: 0
kmem - available physical mem: 0
kmem - aix heap size: 0
kmem - bytes used: 1720096512
kmem - blocking bytes used: 0
kmem - non blocking bytes used: 0
kmem - bytes unused: 0
kmem - bytes peak: 2756285881
kmem - blocking bytes peak: 0
kmem - non blocking bytes peak: 0
kmem - bytes internal use: 0
kmem - number of items: 0
kmem - alloc operations: 109246265
kmem - free operations: 106660113
kmem - failed alloc: 0
kmem - failed free: 0
inspect - packets: 0
inspect - operations: 0
inspect - lookups: 0
inspect - record: 0
inspect - extract: 0
cookies - total: 488289746
cookies - alloc: 0
cookies - free: 0
cookies - dup: 260131
cookies - get: 1938175520
cookies - put: 484861062
cookies - len: 1456802736
chains - alloc: 0
chains - free: 0
fragments - fragments: 0
fragments - expired: 0
fragments - packets: 0
ufp - % hits ratio: 0
ufp - total connections: 0
ufp - hits connections: 0
ufp - session max: 0
ufp - session current: 0
ufp - session count: 0
ufp - rej session : 0
ufp - time stamp:
ufp - is alive: 0
http - pid: 0
http - proto: 0
http - port: 0
http - logical port: 0
http - max avail socket: 0
http - socket in use max: 0
http - socket in use current: 0
http - socket in use count: 0
http - session max: 0
http - session current: 0
http - session count: 0
http - auth session max: 0
http - auth session current: 0
http - auth session count: 0
http - accepted session: 0
http - rejected session: 0
http - auth failures: 0
http - opsec cvp session max: 0
http - opsec cvp session current: 0
http - opsec cvp session count: 0
http - opsec cvp rej session : 0
http - ssl encryp session max: 0
http - ssl encryp session current: 0
http - ssl encryp session count: 0
http - transparent session max: 0
http - transparent session current: 0
http - transparent session count: 0
http - proxied session max: 0
http - proxied session current: 0
http - proxied session count: 0
http - tunneled session max: 0
http - tunneled session current: 0
http - tunneled session count: 0
http - ftp session max: 0
http - ftp session current: 0
http - ftp session count: 0
http - time stamp:
http - is alive: 0
ftp - pid: 0
ftp - proto: 0
ftp - port: 0
ftp - logical port: 0
ftp - max avail socket: 0
ftp - socket in use max: 0
ftp - socket in use current: 0
ftp - socket in use count: 0
ftp - session max: 0
ftp - session current: 0
ftp - session count: 0
ftp - auth session max: 0
ftp - auth session current: 0
ftp - auth session count: 0
ftp - accepted session: 0
ftp - rejected session: 0
ftp - auth failures: 0
ftp - opsec cvp session max: 0
ftp - opsec cvp session current: 0
ftp - opsec cvp session count: 0
ftp - opsec cvp rej session : 0
ftp - time stamp:
ftp - is alive: 0
telnet - pid: 0
telnet - proto: 0
telnet - port: 0
telnet - logical port: 0
telnet - max avail socket: 0
telnet - socket in use max: 0
telnet - socket in use current: 0
telnet - socket in use count: 0
telnet - session max: 0
telnet - session current: 0
telnet - session count: 0
telnet - auth session max: 0
telnet - auth session current: 0
telnet - auth session count: 0
telnet - accepted session: 0
telnet - rejected session: 0
telnet - auth failures: 0
telnet - time stamp:
telnet - is alive: 0
rlogin - pid: 0
rlogin - proto: 0
rlogin - port: 0
rlogin - logical port: 0
rlogin - max avail socket: 0
rlogin - socket in use max: 0
rlogin - socket in use current: 0
rlogin - socket in use count: 0
rlogin - session max: 0
rlogin - session current: 0
rlogin - session count: 0
rlogin - auth session max: 0
rlogin - auth session current: 0
rlogin - auth session count: 0
rlogin - accepted session: 0
rlogin - rejected session: 0
rlogin - auth failures: 0
rlogin - time stamp:
rlogin - is alive: 0
smtp - pid: 0
smtp - proto: 0
smtp - port: 0
smtp - logical port: 0
smtp - max avail socket: 0
smtp - socket in use max: 0
smtp - socket in use current: 0
smtp - socket in use count: 0
smtp - session max: 0
smtp - session current: 0
smtp - session count: 0
smtp - accepted session: 0
smtp - rejected session: 0
smtp - mail max: 0
smtp - mail curr: 0
smtp - mail count: 0
smtp - outgoing mail max: 0
smtp - outgoing mail curr: 0
smtp - outgoing mail count: 0
smtp - max mail on conn: 0
smtp - total mails : 0
smtp - time stamp: Thu Jan 15 03:08:29 2026
smtp - is alive: 0
sync - configured: No
sync - out state: Off
sync - in state: Off
sync - number of sent packets: 0
sync - number of Kbytes sent: 0
sync - number of packets received: 0
sync - number of Kbytes received: 0
sync - number of retrans requests sent: 0
sync - number of retrans requests received: 0
sync - number of ack packets sent: 0
sync - number of ack packets received: 0
sync - number of packets dropped by network: 0
sync - overall number of table updates to be synced: 7777697
sync - number of updates filtered by 'non sync': 0


### cpstat fw -f kmem (kernel memory stats via cpstat)
-> cpstat fw -f kmem
------------------------------------------------------------------------------

Product name: Firewall
kmem - system physical mem: 0
kmem - available physical mem: 0
kmem - aix heap size: 0
kmem - bytes used: 1720096512
kmem - blocking bytes used: 0
kmem - non blocking bytes used: 0
kmem - bytes unused: 0
kmem - bytes peak: 2756285881
kmem - blocking bytes peak: 0
kmem - non blocking bytes peak: 0
kmem - bytes internal use: 0
kmem - number of items: 0
kmem - alloc operations: 109246265
kmem - free operations: 106660113
kmem - failed alloc: 0
kmem - failed free: 0


### cpstat fw -f hmem (hash memory stats via cpstat)
-> cpstat fw -f hmem
------------------------------------------------------------------------------

Product name: Firewall
hmem - block size: 0
hmem - requested bytes: 0
hmem - initial allocated bytes: 0
hmem - initial allocated blocks: 0
hmem - initial allocated pools: 0
hmem - current allocated bytes: 0
hmem - current allocated blocks: 0
hmem - current allocated pools: 0
hmem - maximum bytes: 0
hmem - maximum pools: 0
hmem - bytes used: 0
hmem - blocks used: 0
hmem - bytes unused: 0
hmem - blocks unused: 0
hmem - bytes peak: 0
hmem - blocks peak: 0
hmem - bytes internal use: 0
hmem - number of items: 0
hmem - alloc operations: 0
hmem - free operations: 0
hmem - failed alloc: 0
hmem - failed free: 0


### fw stat (policy installation status)
-> fw stat
------------------------------------------------------------------------------
HOST POLICY DATE
localhost LAB-POLICY-Andy 15Jan2026 8:07:58 : [>eth0] [<eth0] [>eth1] [>eth2]

### fw ver (gateway version)
-> fw ver
------------------------------------------------------------------------------
This is Check Point's software version R82 - Build 013

==============================================================================
## 5) Kernel / Connections / Capacity
==============================================================================

### fw ctl pstat (capacity, connections, memory, etc.)
-> fw ctl pstat
------------------------------------------------------------------------------

Virtual System Capacity Summary:
Physical memory used: 31% (4118 MB out of 13059 MB) - below watermark
Kernel memory used: 4% (572 MB out of 13059 MB) - below watermark
Virtual memory used: 27% (3539 MB out of 13059 MB) - below watermark
Used: 3539 MB by FW, 1152 MB by zeco
Concurrent Connections: 12 (Unlimited)
Aggressive Aging is enabled, not active

Kernel memory (kmem) statistics:
Total memory bytes used: 1720037884 peak: 2756285881
Allocations: 109246939 alloc, 0 failed alloc
106661214 free, 0 failed free

Cookies:
488289806 total, 0 alloc, 0 free,
260131 dup, 1938175685 get, 484861085 put,
1456802911 len, 2129545789 cached len, 0 chain alloc,
0 chain free

Connections:
181548 total, 136909 TCP, 44637 UDP, 2 ICMP,
0 other, 0 anticipated, 1 recovered, 12 concurrent,
522 peak concurrent

Fragments:
0 fragments, 0 packets, 0 expired, 0 short,
0 large, 0 duplicates, 0 failures

NAT:
240779876/0 forw, 244080738/0 bckw, 484858560 tcpudp,
2054 icmp, 169110-169104 alloc

Sync: Run "cphaprob syncstat" for cluster sync statistics.


==============================================================================
## 6) SecureXL Status
==============================================================================

### fwaccel stat (SecureXL status, interfaces, features, templates)
-> fwaccel stat
------------------------------------------------------------------------------
+---------------------------------------------------------------------------------+
|Id|Name |Status |Interfaces |Features |
+---------------------------------------------------------------------------------+
|0 |KPPAK |enabled |eth0,eth1,eth2 |Acceleration,Cryptography |
| | | | | |
| | | | |Crypto: Transport,Tunnel, |
| | | | |UDPEncap,MD5,SHA1,3DES,DES, |
| | | | |AES-128,AES-256,ESP, |
| | | | |LinkSelection,GRETunnel, |
| | | | |DynamicVPN,NatTraversal, |
| | | | |AES-XCBC,SHA256,SHA384,SHA512 |
+---------------------------------------------------------------------------------+

Accept Templates : enabled
Drop Templates : enabled
NAT Templates : enabled
LightSpeed Accel : disabled

==============================================================================
## 7) ClusterXL (only if applicable)
==============================================================================

### cphaprob state (ClusterXL member states)
-> cphaprob state
------------------------------------------------------------------------------

HA module not started.

This gateway not configured as cluster

### cphaprob stat (ClusterXL status summary)
-> cphaprob stat
------------------------------------------------------------------------------

HA module not started.

This gateway not configured as cluster

### cphaprob list (pnotes/critical devices in problem state)
-> cphaprob list
------------------------------------------------------------------------------

HA module not started.


### cphaprob -a if (cluster interface monitoring view)
-> cphaprob -a if
------------------------------------------------------------------------------

HA module not started.


Warning: Sync will not function since there aren't any sync(secured) interfaces


### cphaprob syncstat (state sync transport statistics)
-> cphaprob syncstat
------------------------------------------------------------------------------

HA module not configured.


==============================================================================
## 8) Quick Heuristic Summary (best-effort)
==============================================================================
This section is a light interpretation (not authoritative).

Disk > 85% used (df):
Filesystem Size Used Avail Use% Mounted on

WatchDog processes with restarts (#START > 1):
APP PID STAT #START START_TIME MON COMMAND

End of report.
==============================================================================

Report saved to: /var/log/cp_fw_health_CP-GW_20260115_080919.txt
[Expert@CP-GW:0]#

Best,
Andy
"Have a great day and if its not, change it"
health.sh
cp_cluster_ha_report.sh
cp_internet_connectivity_test.sh
cp_relevant_issues.sh
0 Kudos
3 Replies
the_rock
MVP Diamond
MVP Diamond
‎2026-01-15 05:28 AM

Similar to this, also HA script.

Best,
Andy
"Have a great day and if its not, change it"
cp_cluster_ha_report.sh
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-15 05:30 AM
In response to the_rock

HA script output:


[Expert@CP-FW-01:0]# ./cp_cluster_ha_report.sh
Check Point ClusterXL / HA Report
Generated: Thu Jan 15 08:25:08 EST 2026
Host: CP-FW-01
Output file: /var/log/ha_cluster_report/CP-FW-01_ha_report_20260115_082508.txt

===================================================================
1) System / Platform Context
===================================================================

---- Uptime
$ uptime
08:25:08 up 7 days, 21:55, 1 user, load average: 0.21, 0.40, 0.38

---- OS Release (if present)
$ test -r /etc/os-release && cat /etc/os-release || true

---- CLISH: show version all
$ clish -c "show version all"
Product version Check Point Gaia R81.20
OS build 634
OS kernel version 3.10.0-1160.15.2cpx86_64
OS edition 64-bit

---- Environment (CP variables)
$ env | egrep '^(CPDIR|FWDIR|MDSDIR|MDS_FWDIR|MDS_CPDIR|VSXDIR)=' || true
FWDIR=/opt/CPsuite-R81.20/fw1
MDS_FWDIR=/opt/CPsuite-R81.20/fw1
CPDIR=/opt/CPshrd-R81.20

---- Disk usage
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_splat-lv_current 40G 14G 27G 35% /
/dev/vda2 291M 45M 232M 17% /boot
/dev/mapper/vg_splat-lv_log 50G 17G 34G 34% /var/log
tmpfs 7.6G 36M 7.5G 1% /dev/shm

---- Memory
$ free -m 2>/dev/null || vmstat -s 2>/dev/null || true
total used free shared buff/cache available
Mem: 15419 4165 7354 51 3899 10158
Swap: 8191 0 8191

---- Top CPU processes (snapshot)
$ ps -eo pid,ppid,user,%cpu,%mem,etime,cmd --sort=-%cpu | head -n 25
PID PPID USER %CPU %MEM ELAPSED CMD
8065 8043 admin 12.1 14.6 7-21:54:51 fwk
8394 8006 admin 1.0 1.0 7-21:54:47 cpd
10420 8006 admin 0.7 0.0 7-21:54:11 wsdnsd
10513 7777 admin 0.5 0.0 00:20 sshd: admin [priv]
6 2 admin 0.3 0.0 7-21:55:40 [ksoftirqd/0]
8006 1 admin 0.2 0.0 7-21:54:53 /opt/CPshrd-R81.20/bin/cpwd
9481 8006 admin 0.2 0.0 7-21:54:39 lpd
10374 7777 admin 0.2 0.0 00:38 sshd: admin [priv]
10521 10520 admin 0.2 0.0 00:20 -bash
9 2 admin 0.1 0.0 7-21:55:40 [rcu_sched]
7187 7164 admin 0.1 0.0 7-21:55:06 /bin/redis-server 127.0.0.1:6379
7258 7164 admin 0.1 0.1 7-21:55:06 /opt/CPsuite-R81.20/fw1/Python/bin/python3.7 /bin/celery -A taskmanager.taskManager.celery worker --loglevel=info --pidfile /tmp/celery.pid --logfile /var/log/celery.log --concurrency 2
8330 8006 admin 0.1 0.1 7-21:54:48 cpview_services
8639 8006 admin 0.1 0.8 7-21:54:45 fwd
10989 8639 admin 0.1 0.3 7-21:54:07 vpnd 0
10990 8639 admin 0.1 0.2 7-21:54:07 iked 0
10991 8639 admin 0.1 0.2 7-21:54:07 iked 1
10992 8639 admin 0.1 0.2 7-21:54:07 iked 2
1 0 admin 0.0 0.0 7-21:55:40 init [3]
2 0 admin 0.0 0.0 7-21:55:40 [kthreadd]
4 2 admin 0.0 0.0 7-21:55:40 [kworker/0:0H]
7 2 admin 0.0 0.0 7-21:55:40 [migration/0]
8 2 admin 0.0 0.0 7-21:55:40 [rcu_bh]
10 2 admin 0.0 0.0 7-21:55:40 [rcuob/0]

===================================================================
2) Cluster State (Clish + Expert equivalents)
===================================================================

---- CLISH: show cluster state
$ clish -c "show cluster state"

Cluster Mode: High Availability (Active Up) with IGMP Membership

ID Unique Address Assigned Load State Name

1 (local) 169.254.0.248 100% ACTIVE CP-FW-01
2 169.254.0.247 0% STANDBY CP-FW-02


Active PNOTEs: None

Last member state change event:
Event Code: CLUS-114904
State change: ACTIVE(!) -> ACTIVE
Reason for state change: Reason for ACTIVE! alert has been resolved
Event time: Wed Jan 7 10:31:57 2026

Cluster failover count:
Failover counter: 0
Time of counter reset: Wed Jan 7 10:30:19 2026 (reboot)

 

---- CLISH: show cluster release
$ clish -c "show cluster release"

Release: R81.20 T634

Kernel build: 997000067
FW1 build: 997000059
FW1 private fixes: HOTFIX_GOT_TPCONF_AUTOUPDATE
HOTFIX_PUBLIC_CLOUD_CA_BUNDLE_AUTOUPDATE
HOTFIX_R81_20_JUMBO_HF_MAIN
HOTFIX_R80_40_MAAS_TUNNEL_AUTOUPDATE
HOTFIX_INEXT_NANO_EGG_AUTOUPDATE
HOTFIX_TEX_ENGINE_R8120_AUTOUPDATE

ID SW release

1 (local) R81.20 T634
2 R81.20 T634


---- CLISH: show cluster failover
$ clish -c "show cluster failover"

Cluster failover count:
Failover counter: 0
Time of counter reset: Wed Jan 7 10:30:19 2026 (reboot)


Cluster failover history (last 20 failovers since reboot/reset on Wed Jan 7 10:30:19 2026):

No. Time: Transition: CPU: Reason:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

No failover was detected since last reboot/reset


---- CLISH: show cluster statistics sync
$ clish -c "show cluster statistics sync"

Delta Sync Statistics

Sync status: OK

Drops:
Lost updates................................. 0
Lost bulk update events...................... 0
Oversized updates not sent................... 0

Sync at risk:
Sent reject notifications.................... 0
Received reject notifications................ 0

Sent messages:
Total generated sync messages................ 4496423
Sent retransmission requests................. 0
Sent retransmission updates.................. 1
Peak fragments per update.................... 1

Received messages:
Total received updates....................... 728687
Received retransmission requests............. 1

Sync Interface:
Name......................................... eth3
Link speed................................... 1000Mb/s
Rate......................................... 121170[Bps]
Peak rate.................................... 1116 [KBps]
Link usage................................... 0%
Total........................................ 77729 [MB]

Queue sizes (num of updates):
Sending queue size........................... 512
Receiving queue size......................... 256
Fragments queue size......................... 50

Timers:
Delta Sync interval (ms)..................... 100

Reset on Wed Jan 7 10:31:57 2026 (triggered by fullsync).


---- cphaprob state (member states)
$ cphaprob state

Cluster Mode: High Availability (Active Up) with IGMP Membership

ID Unique Address Assigned Load State Name

1 (local) 169.254.0.248 100% ACTIVE CP-FW-01
2 169.254.0.247 0% STANDBY CP-FW-02


Active PNOTEs: None

Last member state change event:
Event Code: CLUS-114904
State change: ACTIVE(!) -> ACTIVE
Reason for state change: Reason for ACTIVE! alert has been resolved
Event time: Wed Jan 7 10:31:57 2026

Cluster failover count:
Failover counter: 0
Time of counter reset: Wed Jan 7 10:30:19 2026 (reboot)

 

---- cphaprob stat (roles/active/standby details)
$ cphaprob stat

Cluster Mode: High Availability (Active Up) with IGMP Membership

ID Unique Address Assigned Load State Name

1 (local) 169.254.0.248 100% ACTIVE CP-FW-01
2 169.254.0.247 0% STANDBY CP-FW-02


Active PNOTEs: None

Last member state change event:
Event Code: CLUS-114904
State change: ACTIVE(!) -> ACTIVE
Reason for state change: Reason for ACTIVE! alert has been resolved
Event time: Wed Jan 7 10:31:57 2026

Cluster failover count:
Failover counter: 0
Time of counter reset: Wed Jan 7 10:30:19 2026 (reboot)

 

---- cphaprob release (version/hotfix match across members)
$ cphaprob release

Release: R81.20 T634

Kernel build: 997000067
FW1 build: 997000059
FW1 private fixes: HOTFIX_GOT_TPCONF_AUTOUPDATE
HOTFIX_PUBLIC_CLOUD_CA_BUNDLE_AUTOUPDATE
HOTFIX_R81_20_JUMBO_HF_MAIN
HOTFIX_R80_40_MAAS_TUNNEL_AUTOUPDATE
HOTFIX_INEXT_NANO_EGG_AUTOUPDATE
HOTFIX_TEX_ENGINE_R8120_AUTOUPDATE

ID SW release

1 (local) R81.20 T634
2 R81.20 T634


===================================================================
3) Interfaces / Pnotes / Monitoring Health
===================================================================

---- cphaprob -a if (ClusterXL view of interface states)
$ cphaprob -a if

CCP mode: Manual (Unicast)
Required interfaces: 4
Required secured interfaces: 1


Interface Name: Status:

eth0 (LM) UP
eth1 (LM) UP
eth2 (LM) UP
eth3 (S-LM) UP

S - sync, HA/LS - bond type, LM - link monitor, P - probing

Virtual cluster interfaces: 3

eth0 172.16.10.246
eth1 192.168.10.246
eth2 172.31.10.246


---- cphaprob -l list (pnotes / critical devices full list)
$ cphaprob -l list

Built-in Devices:

Device Name: Interface Active Check
Current state: OK

Device Name: Recovery Delay
Current state: OK

Device Name: CoreXL Configuration
Current state: OK

Registered Devices:

Device Name: Fullsync
Registration number: 0
Timeout: none
Current state: OK
Time since last report: 1023.6 sec

Device Name: Policy
Registration number: 1
Timeout: none
Current state: OK
Time since last report: 1022.1 sec

Device Name: routed
Registration number: 2
Timeout: none
Current state: OK
Time since last report: 683164 sec

Device Name: cxld
Registration number: 3
Timeout: 30 sec
Current state: OK
Time since last report: 683217 sec
Process Status: UP

Device Name: fwd
Registration number: 4
Timeout: 30 sec
Current state: OK
Time since last report: 683216 sec
Process Status: UP

Device Name: cphad
Registration number: 5
Timeout: 30 sec
Current state: OK
Time since last report: 683194 sec
Process Status: UP

Device Name: Init
Registration number: 6
Timeout: none
Current state: OK
Time since last report: 683189 sec


---- cphaprob list (pnotes in problem state summary)
$ cphaprob list

There are no pnotes in problem state


---- CLISH: show cluster members interfaces all
$ clish -c "show cluster members interfaces all"

CCP mode: Manual (Unicast)
Required interfaces: 4
Required secured interfaces: 1


Interface Name: Status:

eth0 (LM) UP
eth1 (LM) UP
eth2 (LM) UP
eth3 (S-LM) UP

S - sync, HA/LS - bond type, LM - link monitor, P - probing

Virtual cluster interfaces: 3

eth0 172.16.10.246
eth1 192.168.10.246
eth2 172.31.10.246


No VLANs are monitored on the member


---- CLISH: show cluster members pnotes all
$ clish -c "show cluster members pnotes all"

Built-in Devices:

Device Name: Interface Active Check
Current state: OK

Device Name: Recovery Delay
Current state: OK

Device Name: CoreXL Configuration
Current state: OK

Registered Devices:

Device Name: Fullsync
Registration number: 0
Timeout: none
Current state: OK
Time since last report: 1024.3 sec

Device Name: Policy
Registration number: 1
Timeout: none
Current state: OK
Time since last report: 1022.8 sec

Device Name: routed
Registration number: 2
Timeout: none
Current state: OK
Time since last report: 683165 sec

Device Name: cxld
Registration number: 3
Timeout: 30 sec
Current state: OK
Time since last report: 683217 sec
Process Status: UP

Device Name: fwd
Registration number: 4
Timeout: 30 sec
Current state: OK
Time since last report: 683217 sec
Process Status: UP

Device Name: cphad
Registration number: 5
Timeout: 30 sec
Current state: OK
Time since last report: 683194 sec
Process Status: UP

Device Name: Init
Registration number: 6
Timeout: none
Current state: OK
Time since last report: 683189 sec


===================================================================
4) Synchronization Health (Delta Sync / Transport)
===================================================================

---- cphaprob syncstat (Delta Sync statistics)
$ cphaprob syncstat

Delta Sync Statistics

Sync status: OK

Drops:
Lost updates................................. 0
Lost bulk update events...................... 0
Oversized updates not sent................... 0

Sync at risk:
Sent reject notifications.................... 0
Received reject notifications................ 0

Sent messages:
Total generated sync messages................ 4496458
Sent retransmission requests................. 0
Sent retransmission updates.................. 1
Peak fragments per update.................... 1

Received messages:
Total received updates....................... 728688
Received retransmission requests............. 1

Sync Interface:
Name......................................... eth3
Link speed................................... 1000Mb/s
Rate......................................... 127440[Bps]
Peak rate.................................... 1116 [KBps]
Link usage................................... 0%
Total........................................ 77729 [MB]

Queue sizes (num of updates):
Sending queue size........................... 512
Receiving queue size......................... 256
Fragments queue size......................... 50

Timers:
Delta Sync interval (ms)..................... 100

Reset on Wed Jan 7 10:31:57 2026 (triggered by fullsync).


---- cphaprob ldstat (sync serialization statistics)
$ cphaprob ldstat

Operand Calls Bytes Average Ratio %
----------------------------------------------------------
ERROR 0 0 0 0
SET 7981778 1082581072 135 0
RENAME 0 0 0 0
REFRESH 1826732 94990628 52 0
DELETE 1077381 38736352 35 2
SLINK 433608 27750912 64 2
UNLINK 0 0 0 0
MODIFYFIELDS 1335367 106829360 80 1
RECORD DATA CONN 0 0 0 0
COMPLETE DATA CONN 0 0 0 0
GHTAB SYNC 0 0 0 0

Total bytes sent: 1401509020 (1401 MB) in 2875892 packets. Average 487


===================================================================
5) Failover History / Counters
===================================================================

---- cphaprob show_failover (up to 50 events if supported)
$ cphaprob -l 50 show_failover || cphaprob show_failover

Cluster failover count:
Failover counter: 0
Time of counter reset: Wed Jan 7 10:30:19 2026 (reboot)


Cluster failover history (last 50 failovers since reboot/reset on Wed Jan 7 10:30:19 2026):

No. Time: Transition: CPU: Reason:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

No failover was detected since last reboot/reset


===================================================================
6) cpstat snapshots (HA + OS + FW policy metadata)
===================================================================

---- cpstat ha -f all
$ cpstat ha -f all

Product name: High Availability
Major version: 6
Minor version: 0
Service pack: 5
Version string: N/A
Status code: 0
Status short: OK
Status long: Refer to the Notification and Interfaces tables for information about the problem
HA installed: 1
Working mode: High Availability (Active Up)
HA protocol version: 2
HA started: yes
HA state: active
HA identifier: 1


Interface table
------------------------------------------------------------------
|Name|IP |Status|Verified|Trusted|Shared|Netmask |
------------------------------------------------------------------
|eth0| 172.16.10.248|Up | 500| 0| 2|255.255.255.0|
|eth1|192.168.10.248|Up | 500| 0| 2|255.255.255.0|
|eth2| 172.31.10.248|Up | 500| 0| 2|255.255.255.0|
|eth3| 169.254.0.248|Up | 100| 1| 2|255.255.255.0|
------------------------------------------------------------------

 

Problem Notification table
-----------------------------------------
|Name |Status|Priority|Verified|Descr|
-----------------------------------------
|Fullsync|OK | 0| 1024| |
|Policy |OK | 0| 1023| |
|routed |OK | 0| 683165| |
|cxld |OK | 0| 683217| |
|fwd |OK | 0| 683217| |
|cphad |OK | 0| 683195| |
|Init |OK | 0| 683189| |
-----------------------------------------

 

Cluster IPs table
-----------------------------------------------------------------
|Name|IP |Netmask |Member Network|Member Netmask|
-----------------------------------------------------------------
|eth0| 172.16.10.246|255.255.255.0| 172.16.10.0| 255.255.255.0|
|eth1|192.168.10.246|255.255.255.0| 192.168.10.0| 255.255.255.0|
|eth2| 172.31.10.246|255.255.255.0| 172.31.10.0| 255.255.255.0|
-----------------------------------------------------------------

 

Sync table
----------------------------------
|Name|IP |Netmask |
----------------------------------
|eth3|169.254.0.248|255.255.255.0|
----------------------------------

 

---- cpstat os -f all
$ cpstat os -f all

Product Name: SVN Foundation
SVN Foundation Major Version: 9
SVN Foundation Minor Version: 9
SVN Foundation Service Pack: 7
SVN Foundation Version String: R81.20
SVN Foundation Build Number: 997000125
SVN Foundation Status code: 0
SVN Foundation Status short: OK
SVN Foundation Status long: OK
OS Name: Gaia
OS Major Version: 3
OS Minor Version: 10
OS Build Number: -
OS SP Major: -
OS SP Minor: -
OS Version Level:
Appliance SN:
Appliance Name: Standard PC (i440FX + PIIX, 1996)
Appliance Manufacturer: Other


Interface configuration table
-------------------------------------------------------------------------------
|Name|Address |Mask |MTU |State|Mac Address |Description |
-------------------------------------------------------------------------------
|lo | 127.0.0.1| 255.0.0.0|65536| 1| |Not supported|
|eth0| 172.16.10.248|255.255.255.0| 1500| 1|50-01-00-04-00-00|Not supported|
|eth1|192.168.10.248|255.255.255.0| 1500| 1|50-01-00-04-00-01|Not supported|
|eth2| 172.31.10.248|255.255.255.0| 1500| 1|50-01-00-04-00-02|Not supported|
|eth3| 169.254.0.248|255.255.255.0| 1500| 1|50-01-00-04-00-03|Not supported|
-------------------------------------------------------------------------------

 

Routing table
--------------------------------------------------
|Destination |Mask |GateWay |Interface|
--------------------------------------------------
| 0.0.0.0| 0.0.0.0|172.16.10.1|eth0 |
| 169.254.0.0|255.255.255.0| 0.0.0.0|eth3 |
| 172.16.10.0|255.255.255.0| 0.0.0.0|eth0 |
| 172.31.10.0|255.255.255.0| 0.0.0.0|eth2 |
|192.168.10.0|255.255.255.0| 0.0.0.0|eth1 |
--------------------------------------------------

Total Virtual Memory (Bytes): 24758296576
Active Virtual Memory (Bytes): 5520461824
Total Real Memory (Bytes): 16168366080
Active Real Memory (Bytes): 5520461824
Free Real Memory (Bytes): 10647904256
Memory Swaps/Sec: -
Memory To Disk Transfers/Sec: -
CPU User Time (%): 11
CPU System Time (%): 4
CPU Idle Time (%): 85
CPU Usage (%): 15
CPU Queue Length: -
CPU Interrupts/Sec: 713
CPUs Number: 8
Disk Servicing Read\Write Requests Time: -
Disk Requests Queue: -
Disk Free Space (%): 65
Disk Total Free Space (Bytes): 28207824896
Disk Available Free Space (Bytes): 28207824896
Disk Total Space (Bytes): 42939187200


Processors load
---------------------------------------------------------------------------------
|CPU#|User Time(%)|System Time(%)|Idle Time(%)|Usage(%)|Run queue|Interrupts/sec|
---------------------------------------------------------------------------------
| 1| 0| 3| 97| 3| ?| 201031|
| 2| 0| 3| 97| 3| ?| 201031|
| 3| 5| 5| 89| 10| ?| 201031|
| 4| 3| 3| 95| 6| ?| 201031|
| 5| 31| 12| 57| 43| ?| 201030|
| 6| 9| 5| 86| 14| ?| 201030|
| 7| 3| 3| 95| 6| ?| 201029|
| 8| 3| 4| 93| 7| ?| 201029|
---------------------------------------------------------------------------------

 

Partitions space
-----------------------------------------------------------------------------------------------------------------
|Partition|Size (bytes)|Used (bytes)|Free total (bytes)|Free total (%)|Free available (bytes)|Free available (%)|
-----------------------------------------------------------------------------------------------------------------
|/ | 42939187200| 14731362304| 28207824896| 65| 28207824896| 65|
|/boot | 304624640| 46370816| 258253824| 84| 242525184| 79|
|/var/log | 53664546816| 17848983552| 35815563264| 66| 35815563264| 66|
-----------------------------------------------------------------------------------------------------------------

System Time: 1768483512
System Start Time: 1767799768


---- cpstat os -f sensors (if supported)
$ cpstat os -f sensors

 

Temperature Sensors
-----------------------------
|Name|Value|Unit|Type|Status|
-----------------------------
-----------------------------

 

Fan Speed Sensors
-----------------------------
|Name|Value|Unit|Type|Status|
-----------------------------
-----------------------------

 

Voltage Sensors
-----------------------------
|Name|Value|Unit|Type|Status|
-----------------------------
-----------------------------

 

---- cpstat fw -f policy (if supported)
$ cpstat fw -f policy || cpstat fw -f all || true

Product name: Firewall
Policy name: LAB-POLICY-Andy
Policy install time: Thu Jan 15 08:07:55 2026
Num. connections: 36
Peak num. connections: 805
Connections capacity limit: 0
Total accepted packets: 3296944
Total dropped packets: 21063
Total rejected packets: 0
Total accepted bytes: 1755018430
Total dropped bytes: 4528089
Total rejected bytes: 0
Total logged: 539


Interface table
---------------------------------
|Name|Dir|Accept|Drop|Reject|Log|
---------------------------------
|eth0|in |330733| 6| 0|129|
|eth0|out|494318| 0| 0| 91|
|eth1|in | 343| 0| 0| 10|
|eth1|out| 0| 0| 0| 0|
|eth2|in | 343| 0| 0| 10|
|eth2|out| 0| 0| 0| 0|
|eth3|in |164158| 0| 0| 87|
|eth3|out| 0| 0| 0| 0|
---------------------------------
| | |989895| 6| 0|327|
---------------------------------

 

Interface table (64-bit)
---------------------------------
|Name|Dir|Accept|Drop|Reject|Log|
---------------------------------
|eth0|in |330733| 6| 0|129|
|eth0|out|494318| 0| 0| 91|
|eth1|in | 343| 0| 0| 10|
|eth1|out| 0| 0| 0| 0|
|eth2|in | 343| 0| 0| 10|
|eth2|out| 0| 0| 0| 0|
|eth3|in |164158| 0| 0| 87|
|eth3|out| 0| 0| 0| 0|
---------------------------------
| | |989895| 6| 0|327|
---------------------------------

 

===================================================================
7) Kernel / Acceleration context (helpful for HA investigations)
===================================================================

---- fw ver
$ fw ver
This is Check Point's software version R81.20 - Build 059

---- fwaccel stat
$ fwaccel stat
+---------------------------------------------------------------------------------+
|Id|Name |Status |Interfaces |Features |
+---------------------------------------------------------------------------------+
|0 |KPPAK |enabled |eth0,eth1,eth2,eth3 |Acceleration,Cryptography |
| | | | | |
| | | | |Crypto: Tunnel,UDPEncap,MD5, |
| | | | |SHA1,3DES,DES,AES-128,AES-256,|
| | | | |ESP,LinkSelection,DynamicVPN, |
| | | | |NatTraversal,AES-XCBC,SHA256, |
| | | | |SHA384,SHA512 |
+---------------------------------------------------------------------------------+

Accept Templates : enabled
Drop Templates : enabled
NAT Templates : enabled
LightSpeed Accel : disabled

---- fw ctl iflist (fallback)
$ fw ctl iflist
1 : eth0
2 : eth1
3 : eth2
4 : eth3

---- fw ctl pstat (tail, fallback)
$ fw ctl pstat | tail -n 60

Virtual System Capacity Summary:
Physical memory used: 21% (2791 MB out of 13106 MB) - below watermark
Kernel memory used: 3% (508 MB out of 13106 MB) - below watermark
Virtual memory used: 17% (2241 MB out of 13106 MB) - below watermark
Used: 2241 MB by FW, 1152 MB by zeco
Concurrent Connections: 40 (Unlimited)
Aggressive Aging is enabled, not active

Kernel memory (kmem) statistics:
Total memory bytes used: 1272187338 peak: 1676484815
Allocations: 3723864868 alloc, 0 failed alloc
3721948481 free, 0 failed free

Cookies:
721365142 total, 0 alloc, 0 free,
12 dup, 1893920364 get, 446972256 put,
1616031029 len, 449484422 cached len, 0 chain alloc,
0 chain free

Connections:
240567 total, 181667 TCP, 58870 UDP, 22 ICMP,
8 other, 0 anticipated, 1 recovered, 40 concurrent,
805 peak concurrent

Fragments:
0 fragments, 0 packets, 0 expired, 0 short,
0 large, 0 duplicates, 0 failures

NAT:
221132197/0 forw, 222253274/0 bckw, 443860448 tcpudp,
1400 icmp, 405580-229058 alloc

Sync: Run "cphaprob syncstat" for cluster sync statistics.


===================================================================
8) Routing / Interface inventory
===================================================================

---- ip addr
$ ip addr show
1: lo: <LOOPBACK,MULTICAST,NOARP,AUTOMEDIA,PORTSEL,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:04:00:00 brd ff:ff:ff:ff:ff:ff
inet 172.16.10.248/24 brd 172.16.10.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:04:00:01 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.248/24 brd 192.168.10.255 scope global eth1
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:04:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.31.10.248/24 brd 172.31.10.255 scope global eth2
valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:04:00:03 brd ff:ff:ff:ff:ff:ff
inet 169.254.0.248/24 brd 169.254.0.255 scope global eth3
valid_lft forever preferred_lft forever
6: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
7: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff

---- ip route
$ ip route show
default via 172.16.10.1 dev eth0 proto 7
169.254.0.0/24 dev eth3 proto kernel scope link src 169.254.0.248
172.16.10.0/24 dev eth0 proto kernel scope link src 172.16.10.248
172.31.10.0/24 dev eth2 proto kernel scope link src 172.31.10.248
192.168.10.0/24 dev eth1 proto kernel scope link src 192.168.10.248

---- arp table
$ ip neigh show || arp -an || true
192.168.10.247 dev eth1 lladdr 50:01:00:05:00:01 STALE
172.16.10.188 dev eth0 lladdr 50:00:00:02:00:00 STALE
172.16.10.177 dev eth0 lladdr 50:01:00:03:00:00 DELAY
169.254.0.247 dev eth3 lladdr 50:01:00:05:00:03 STALE
172.16.10.247 dev eth0 lladdr 50:01:00:05:00:00 STALE
172.31.10.247 dev eth2 lladdr 50:01:00:05:00:02 STALE
172.16.10.1 dev eth0 lladdr 48:3a:02:96:47:2d REACHABLE
172.16.10.252 dev eth0 lladdr 50:01:00:0f:00:00 REACHABLE

===================================================================
9) Completion
===================================================================

Report complete.
Saved to: /var/log/ha_cluster_report/CP-FW-01_ha_report_20260115_082508.txt
[Expert@CP-FW-01:0]#

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-15 05:43 AM

Internet connection script:

 

[Expert@CP-GW:0]# ./cp_internet_connectivity_test.sh
Check Point Internet Connectivity Test
Generated: Thu Jan 15 08:39:10 EST 2026
Host: CP-GW
Output file: /var/log/internet_connectivity_test/CP-GW_internet_test_20260115_083910.txt

===================================================================
1) System + Interface Context
===================================================================

---- Uptime
$ uptime
08:39:10 up 16 days, 23:34, 1 user, load average: 0.23, 0.15, 0.24

---- IP addresses
$ ip addr show
1: lo: <LOOPBACK,PROMISC,DYNAMIC,AUTOMEDIA,PORTSEL,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:06:00:00 brd ff:ff:ff:ff:ff:ff
inet 172.16.10.249/24 brd 172.16.10.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:06:00:01 brd ff:ff:ff:ff:ff:ff
inet 2.3.4.5/29 brd 2.3.4.7 scope global eth1
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 50:01:00:06:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.31.10.249/24 brd 172.31.10.255 scope global eth2
valid_lft forever preferred_lft forever
5: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
6: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
7: erspan0@NONE: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
8: eth2.100@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 50:01:00:06:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.31.11.249/24 brd 172.31.11.255 scope global eth2.100
valid_lft forever preferred_lft forever

---- Link state (brief)
$ ip -br link show
Option "-br" is unknown, try "ip -help".
[WARN] Command failed (rc=255)

---- Routes
$ ip route show
default via 172.16.10.1 dev eth0 proto 7
2.3.4.0/29 dev eth1 proto kernel scope link src 2.3.4.5
172.16.10.0/24 dev eth0 proto kernel scope link src 172.16.10.249
172.31.10.0/24 dev eth2 proto kernel scope link src 172.31.10.249
172.31.11.0/24 dev eth2.100 proto kernel scope link src 172.31.11.249

---- DNS config (/etc/resolv.conf)
$ cat /etc/resolv.conf 2>/dev/null || true
# This file was AUTOMATICALLY GENERATED
# Generated by /bin/resolv_xlate on Mon Dec 29 09:05:02 2025
#
# DO NOT EDIT
#

nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 1.1.1.1
#start SSLVPN name servers from Smart Dashboard
#end SSLVPN name servers from Smart Dashboard

===================================================================
2) Default Route & Gateway Reachability
===================================================================
Default route line: default via 172.16.10.1 dev eth0 proto 7
Default gateway: 172.16.10.1
Default interface: eth0
[PASS] Default route present.
[PASS] Default gateway reachable (ICMP).

---- Neighbor table entry for gateway (if available)
$ ip neigh show | egrep -n "\b172.16.10.1\b" || true
1:172.16.10.1 dev eth0 lladdr 48:3a:02:96:47:2d REACHABLE

===================================================================
3) ICMP to Public IPs (DNS-independent)
===================================================================
./cp_internet_connectivity_test.sh: line 101: syntax error: unexpected end of file
[Expert@CP-GW:0]#

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events