- Products
- Learn
- Local User Groups
- Partners
- More
Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
I've been testing R80.20 very intensively in the lab over the last few days. Here I have discovered some interesting new commands on CLI. What did you discover that didn't exist before?
# cphaprob stat > with more clusterxl informations
# fwaccel ranges > show's anti spoofing ranges
# fw ctl multik utilize > shows the CoreXL queue utilization for each CoreXL FW instance
# fw ctl multik print_heavy_conn > shows the table with heavy connections
More see:
Command Line Interface R80.20 Reference Guide
Exciting command show's anti spoofing ranges:-)
You have to take a closer look.
# fwaccel ranges
Regards,
Heiko
Shows the CoreXL queue utilization for each CoreXL FW instance
# fw ctl multik utilize
Shows the table with Heavy Connections (that consume the most CPU resources) in the CoreXL
Dynamic Dispatcher.
# fw ctl multik print_heavy_conn
# fw ctl chain
The new fw monitor chain modules (SecureXL) do not run in the virtual machine (vm):
SecureXL inbound (sxl_in) > Packet received in SecureXL from network
SecureXL inbound CT (sxl_ct) > Accelerated packets moved from inbound to outbound processing (post routing)
SecureXL outbound (sxl_out) > Accelerated packet starts outbound processing
SecureXL deliver (sxl_deliver) > SecureXL transmits accelerated packet
In firewall kernel (now also SecureXL), each kernel is associated with a key (blue) witch specifies the type of traffic applicable to the chain modul.
# fw ctl chain
# fw monitor -e ...
| Key | Function |
|---|---|
| ffffffff | IP Option Stip/Restore |
| 00000001 | new processed flows |
| 00000002 | wire mode |
| 00000003 | will applied to all ciphered traffic (VPN) |
| 00000000 | SecureXL offloading (new in R80.20+) |
New ClusterXL clish commands:
> show cluster
> show cluster mmagic
More see here:
R80.20 - new ClusterXL commands
Regards,
.
"iotop" watches I/O usage information output by the Linux kernel and displays a table of current I/O usage by processes or threads on the system. Only available on gateway with R80.20 3.10 kernel (see Check Point R80.20 with Gaia 3.10 for Security Gateways).
# iotop -b -n 1
| User | Count |
|---|---|
| 10 | |
| 8 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 4 |
Wed 03 Sep 2025 @ 11:00 AM (SGT)
Deep Dive APAC: Troubleshooting 101 for Quantum Security GatewaysThu 04 Sep 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: External Risk Management for DummiesWed 10 Sep 2025 @ 11:00 AM (CEST)
Effortless Web Application & API Security with AI-Powered WAF, an intro to CloudGuard WAFWed 10 Sep 2025 @ 11:00 AM (EDT)
Quantum Spark Management Unleashed: Hands-On TechTalk for MSPs Managing SMB NetworksWed 03 Sep 2025 @ 11:00 AM (SGT)
Deep Dive APAC: Troubleshooting 101 for Quantum Security GatewaysThu 04 Sep 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: External Risk Management for DummiesWed 10 Sep 2025 @ 11:00 AM (EDT)
Quantum Spark Management Unleashed: Hands-On TechTalk for MSPs Managing SMB Networks