Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
Champion
Champion

fw up_execute Equivalent for NAT Rule Matches?

fw up_execute can be run on the gateway to find a matching Network policy rule in the live policy like this:

 

up_execute.png

 

Is there an equivalent CLI utility to find a matching NAT policy rule on the live gateway?  I'm aware that Packet Mode searches can be executed against the NAT policy in the SmartConsole, but I'm looking for a CLI utility on the gateway itself.  Thanks!

    

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
3 Replies
PhoneBoy
Admin
Admin

Haven’t seen and with NAT it’s a bit more complicated due to the fact some of the NAT isn’t handled by actual rules but rather as a result of object definition.

Timothy_Hall
Champion
Champion

Not even in R81?  It seems like the NAT policy in that version is now acting more like a "real" policy layer, and allowing the use of Security Zones & Dynamic Objects including Access Roles, as well as keeping hit counts.

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
PhoneBoy
Admin
Admin

Perhaps there's a hidden flag for fw up_execute?

0 Kudos
Reply