Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

How to disable the firewall code

In the video found in this link (https://www.youtube.com/watch?v=Xhifzrk61jw&t=270s), it is said that for troubleshooting purposes the firewall code would sometimes need to be turned off so that the administrator could verify that the routing has been configured correctly (shown around the 5th minute of the video). 

 

Does anybody know how the firewall code can be turned off? Is there a specific command for that?

 

Thanks in advance.

0 Kudos
6 Replies
Highlighted
Advisor

Could be referring to "fw unloadlocal" which basically unloads the policy from your security gateway, resulting in an any permit scenario which can be used to verify basic routing functionality etc.

Highlighted
Champion
Champion

It's called:

fw unloadlocal; echo 1 > /proc/sys/net/ipv4/ip_forward

You may want to review our ccc script for all available command options first.

Highlighted

It was probably the way it was said in the video that confused me as I am indeed familiar with fw unloadlocal. Still thought it best to check just in case it referred to a functionality I was not aware of.

Thank you very much both!

0 Kudos
Highlighted
Champion
Champion

That's why I referred to our ccc script as it allows to disable many more things, like IPS, Stateful Inspection etc. You may want to check all your options being available by running the script.

Highlighted
Champion
Champion

Do keep in mind that when you unload the fw you also unload forwarding, which means local routing still works but the gateway will NOT work as a router!
Regards, Maarten
0 Kudos
Highlighted
Champion
Champion

Right, that is why the

echo 1 > /proc/sys/net/ipv4/ip_forward

command is necessary to re-enable IP Forwarding after the fw unloadlocal; also keep in mind that all NAT operations will cease as well.

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com