Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
Champion Champion
Champion

ONELINER - Show all Kernel Parameter

This oneliner shows you all kernel parameters of the firewall gateway with their values.
This can be useful in the debug case to see an overview of all kernel parameters.

 

modinfo -p $FWDIR/boot/modules/fw_kern*.o | sort -u | awk 'BEGIN {FS=":"} ; {print $1}' | xargs -n 1 fw ctl get int

 

 Here is an example of the output:
Kernel_Parameter.PNG

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
(3)
7 Replies
Timothy_Hall
Legend Legend
Legend

Here is the equivalent command to list all the variables in the sim (SecureXL Implementation Module) driver:

modinfo -p $PPKDIR/boot/modules/sim_kern*.o | sort -u | awk 'BEGIN {FS=":"} ; {print $1}' | xargs -i fw ctl get int {} -a 2> /dev/null | grep "PPAK 0:" | cut -d: -f2

While this command and the one Heiko provided can be useful for obtaining insight to the various kernel settings that are available, be warned that the variable names may not mean what you think they mean, or cause unintended consequences (including even crashing or hanging the firewall) if you attempt to tamper with them.  Most of these variables are undocumented, and I'd especially not recommend messing with those outside a lab environment without consulting TAC first.

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
Lars_Laschner
Explorer

How can I change the kernel parameters permanently?

0 Kudos
HeikoAnkenbrand
Champion Champion
Champion

You can configure some of the Firewall kernel parameters only permanently in the special configuration file $FWDIR/boot/modules/fwkern.conf.

 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
HeikoAnkenbrand
Champion Champion
Champion

You cannot configure SecureXL kernel parameters on-the-fly with the "fw ctl set" command.

You must configure them only permanently in the special configuration file - $PPKDIR/conf/simkern.conf Schedule a maintenance window, because this procedure requires a reboot. For SecureXL kernel parameters, see more here sk43387.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
JozkoMrkvicka
Authority
Authority

Would it be possible to print all kernel tables with respective values, tresholds and peaks?

I can imagine it will help with some troubleshooting (if some table is full as an example).

Kind regards,
Jozko Mrkvicka
0 Kudos
PhoneBoy
Admin
Admin

fw tab -u gives you all the kernel tables with what's in them.
fw tab -s will give you a summary of all the tables with # of entries and high water mark.

Power_Support
Participant

Nice info!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events