cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

How to disable the firewall code

In the video found in this link (https://www.youtube.com/watch?v=Xhifzrk61jw&t=270s), it is said that for troubleshooting purposes the firewall code would sometimes need to be turned off so that the administrator could verify that the routing has been configured correctly (shown around the 5th minute of the video). 

 

Does anybody know how the firewall code can be turned off? Is there a specific command for that?

 

Thanks in advance.

0 Kudos
6 Replies
Maik
Silver

Re: How to disable the firewall code

Could be referring to "fw unloadlocal" which basically unloads the policy from your security gateway, resulting in an any permit scenario which can be used to verify basic routing functionality etc.

Danny
Pearl

Re: How to disable the firewall code

It's called:

fw unloadlocal; echo 1 > /proc/sys/net/ipv4/ip_forward

You may want to review our ccc script for all available command options first.

Re: How to disable the firewall code

It was probably the way it was said in the video that confused me as I am indeed familiar with fw unloadlocal. Still thought it best to check just in case it referred to a functionality I was not aware of.

Thank you very much both!

0 Kudos
Danny
Pearl

Re: How to disable the firewall code

That's why I referred to our ccc script as it allows to disable many more things, like IPS, Stateful Inspection etc. You may want to check all your options being available by running the script.

Re: How to disable the firewall code

Do keep in mind that when you unload the fw you also unload forwarding, which means local routing still works but the gateway will NOT work as a router!
Regards, Maarten
0 Kudos

Re: How to disable the firewall code

Right, that is why the

echo 1 > /proc/sys/net/ipv4/ip_forward

command is necessary to re-enable IP Forwarding after the fw unloadlocal; also keep in mind that all NAT operations will cease as well.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com