Thanks but I'm afraid there doesn't seem to be anything related either; even when I search for geo protection inside that guide nothing comes up.

Frankly, it's one of the very few features I have only seen on SmartConsole and not CLI hence my question.

One-liner to show Geo Policy on gateways

That's better but I'm still looking for a more comprehensive list of commands with regards to geo-protection.

I see you have written a couple of relevant scripts in this thread @HeikoAnkenbrand :

https://community.checkpoint.com/t5/IPS-Anti-Virus-Anti-Bot-Anti/Geo-policy/m-p/57560/highlight/true...

May I ask where you got the geo-protection commands from? Specifically, I'm looking for configuration commands that enable you to turn on geo-protection on the command line.

Thanks in advance. 

As far as CLI Access to Geo Policy, I don't think this configuration can be accessed through the Management API on the SMS to my knowledge.  You can see a thread I started about Management API vs. SmartConsole limitations here: https://community.checkpoint.com/t5/API-CLI-Discussion-and-Samples/Functionality-API-vs-SmartConsole...

On the gateway I'm always on the lookout for ways to turn features off and on "on the fly" for troubleshooting and performance optimization.  Beyond just looking in the local.set file of the compiled policy, there does not seem to be any way to enable/disable or modify Geo Policy out on the gateway itself that I can see.  I suppose one could modify the Geo Policy configuration in the local.set file itself and then do a fetchlocal on the gateway to directly load the changes up into the kernel, but this would most definitely not be supported and could cause very bad things to happen if you make a mistake.

Thanks Tim. It's a real shame but it is what it is I guess.