Benny_On
Explorer

R81.20 SAM RULE CLI

Hi everyone,

I'm a newbie with Checkpoint Gaia. I want to configure a SAM rule through the CLI on the SMS, but the cheat sheet is hard to understand.

How do I set a CLI command to "Drop icmp service from source 10.10.10.2 to dest 192.168.1.2 on Gateway name: CP-GW and expired time is 1 hour"?

Thanks & best regards.

Benny_On

3 Replies
PhoneBoy
Admin

ICMP is protocol 1.
I believe (but am not certain) the various ICMP types codes would be the service.
This means to block ICMP Echo Request for an hour: fw sam -s CP-GW -t 3600 -j srv 10.10.10.2 192.168.1.2 1 1

Benny_On
Explorer

Dear PhoneBoy,

Thank you for your answer,

According to your CLI and cheat sheet, I understand the following:
-s: Gateway Server
-t: Timeout in seconds
-j: Drop connection
srv: <src ip> <dst ip> <service> <protocol>

It seems the SAM rule requires the parameters to go in order. In another example, drop all connections to dst_ip 192.168.2.2, all services, for an hour: "fw sam -s CP-GW -t 3600 -j any dst 192.168.2.2" --> Is this command right?

Best regards,

Benny_On

PhoneBoy
Admin

When entering any CLI command (including fw sam), flags/switches to the command with their arguments (e.g. -s CP-GW) are specified before other arguments.
The "other arguments" in this case are the criteria listed in the fw sam help and must be listed in the exact order.

If your goal is to drop all packets to destination IP 192.168.2.2 (regardless of source), the command is: fw sam -s CP-GW -t 3600 -j dst 192.168.2.2
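
Added example, not part of the thread and not Check Point code: a shell helper that assembles the commands discussed above with the flags first and the criterion last, and checks how many arguments each criterion takes, so a mixed form such as "any dst 192.168.2.2" is rejected before it is typed on the management server. The function names are hypothetical; the argument layouts for dst and srv come from the thread, "any" taking a single IP is from the fw sam usage text, and the helper only prints the command.

```shell
#!/bin/sh
# Added example: assembles (never runs) an "fw sam" drop command.
# is_ipv4, fail and build_fw_sam_drop are hypothetical helper names.

is_ipv4() {
    # Only digits and dots, no empty octets.
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

fail() { echo "error: $*" >&2; }

build_fw_sam_drop() {
    [ "$#" -ge 3 ] || { fail "usage: build_fw_sam_drop <gateway> <seconds> <criterion> <args...>"; return 2; }
    gw=$1; timeout=$2; criterion=$3
    shift 3
    case "$gw" in ''|-*) fail "bad gateway name '$gw'"; return 2 ;; esac
    case "$timeout" in ''|*[!0-9]*) fail "timeout must be whole seconds"; return 2 ;; esac
    # Argument count per criterion: dst and srv as given in the thread,
    # any <ip> per the fw sam usage text.
    case "$criterion" in
        dst|any) want=1 ;;
        srv)     want=4 ;;   # <src ip> <dst ip> <service> <protocol>
        *) fail "criterion '$criterion' is not covered by this example"; return 2 ;;
    esac
    [ "$#" -eq "$want" ] || { fail "'$criterion' takes $want argument(s), got $#"; return 2; }
    is_ipv4 "$1" || { fail "'$1' is not an IPv4 address"; return 2; }
    if [ "$criterion" = srv ]; then
        is_ipv4 "$2" || { fail "'$2' is not an IPv4 address"; return 2; }
        for n in "$3" "$4"; do
            case "$n" in ''|*[!0-9]*) fail "service and protocol must be numbers"; return 2 ;; esac
        done
    fi
    # Flags with their arguments first, then the criterion in its fixed order.
    echo "fw sam -s $gw -t $timeout -j $criterion $*"
}

# Constructed inputs taken from the thread's own examples.
build_fw_sam_drop CP-GW 3600 dst 192.168.2.2
build_fw_sam_drop CP-GW 3600 srv 10.10.10.2 192.168.1.2 1 1
build_fw_sam_drop CP-GW 3600 any dst 192.168.2.2 || true   # rejected: two criteria mixed
```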