This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Nick_Doropoulos
Advisor
‎2019-03-19 01:11 AM

How to disable the firewall code

In the video found in this link (https://www.youtube.com/watch?v=Xhifzrk61jw&t=270s), it is said that for troubleshooting purposes the firewall code would sometimes need to be turned off so that the administrator could verify that the routing has been configured correctly (shown around the 5th minute of the video). 

 

Does anybody know how the firewall code can be turned off? Is there a specific command for that?

 

Thanks in advance.

0 Kudos
6 Replies
Maik
Advisor
‎2019-03-19 01:18 AM

Could be referring to "fw unloadlocal" which basically unloads the policy from your security gateway, resulting in an any permit scenario which can be used to verify basic routing functionality etc.

Danny
MVP Platinum
MVP Platinum
‎2019-03-19 01:18 AM

It's called:

fw unloadlocal; echo 1 > /proc/sys/net/ipv4/ip_forward

You may want to review our ccc script for all available command options first.

Nick_Doropoulos
Advisor
‎2019-03-19 01:27 AM
In response to Danny

It was probably the way it was said in the video that confused me as I am indeed familiar with fw unloadlocal. Still thought it best to check just in case it referred to a functionality I was not aware of.

Thank you very much both!

0 Kudos
Danny
MVP Platinum
MVP Platinum
‎2019-03-19 01:31 AM
In response to Nick_Doropoulos

That's why I referred to our ccc script as it allows to disable many more things, like IPS, Stateful Inspection etc. You may want to check all your options being available by running the script.

Maarten_Sjouw
Champion
Champion
‎2019-03-19 02:35 AM
In response to Danny

Do keep in mind that when you unload the fw you also unload forwarding, which means local routing still works but the gateway will NOT work as a router!
Regards, Maarten
0 Kudos
Timothy_Hall
MVP Gold
MVP Gold
‎2019-03-19 06:34 AM
In response to Maarten_Sjouw

Right, that is why the

echo 1 > /proc/sys/net/ipv4/ip_forward

command is necessary to re-enable IP Forwarding after the fw unloadlocal; also keep in mind that all NAT operations will cease as well.

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events