Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Antoine_Rebuzzi
Participant
Jump to solution

Policy location on a gateway R80

Hi, 

 

I want to know if it's possible to retrieve the policy on a local gateway. When we do the fw stat, we can see the Policy name but I'm wondering "where" this policy is stored in local (if it's stored at all). 

 

I've search a little bit here, but couldn't find the right answer. 

My overall goal is to try and set let's say an "automated reboot" on a previous Policy from the gateway itself, I'm not sure if it's possible at all but I'm exploring options ;). 

 

Thank you in advance for your help. 

0 Kudos
1 Solution

Accepted Solutions
Danny
Champion Champion
Champion

On a R80.x gateway the installed policy can be found within $FWDIR/state/local/FW1/

The rulebase for example is within $FWDIR/state/local/FW1/local.rule

To reach your goal of automatically booting a different policy I recommend doing backups of each policy and then automatically select the backup you want to boot from, restore it and reboot. Done.

View solution in original post

(1)
6 Replies
Vincent_Bacher
Advisor
Advisor

Afaik a local copy should be located in $FWDIR/state/__tmp/FW1
to load local copy: fw fetchlocal -d $FWDIR/state/__tmp/FW1

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
Antoine_Rebuzzi
Participant
Thanks 🙂
0 Kudos
PhoneBoy
Admin
Admin

The policy is stored in compiled form in $FWDIR/state in several files/directories. When you do an fw fetchlocal, it comes from this directory structure.

Note that only the current policy is stored here, not previous policies. The only supported way to change the policy loaded is to push a new one from the Security Management.

Antoine_Rebuzzi
Participant
Thanks, you were all pretty fast guys 😉
0 Kudos
Danny
Champion Champion
Champion

On a R80.x gateway the installed policy can be found within $FWDIR/state/local/FW1/

The rulebase for example is within $FWDIR/state/local/FW1/local.rule

To reach your goal of automatically booting a different policy I recommend doing backups of each policy and then automatically select the backup you want to boot from, restore it and reboot. Done.

(1)
Antoine_Rebuzzi
Participant
Thanks! Will help a lot.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events