Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Albin_Hakansson
Participant

Kernel modules and chain modules

Hi all!

I am wondering about the relationship between kernel modules and the firewall chain (fw ctl debug -m & fw ctl chain)
I've gone through sk98799, but it raised a few questions for me.

As I understand, I can see which modules are active on the firewall by running fw ctl debug -m command.
And the chains (fw ctl chain) is the path/order of which the Check Point kernel will handle the traffic, based on configuration different modules will be enabled and since they are divided into the chains, the number of chains will be different. 
Is my understanding of the kernel modules and chains correct?

I get a bit confused regarding how to know where to perform the debug. Based on research on various forums & other locations, I've come to understand that several modules can work within one chain, for example "VM" chain module.

But how do I know where in the chain a module is working for example WS or RTM module?

As a general question as well, what does the output of fw ctl conn -a mean?

Thanks in advance!

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

The items listed in fw ctl chain will depend on which features are enabled, thus the number of modules listed will vary from system to system.

Different modules serve different functions and I would defer to specific SKs where these are detailed or conversations with the Check Point TAC as to which modules to debug in which circumstances.

As some functions cross modules, it's possible multiple modules require debugging, which is why the answer is largely situation specific.

fw ctl conn -a is a command I am not familiar with.

It is mentioned in the following sks:

fwsync: there is a different installation of Check Point's products on each member of this clus... 

Connections Table Format 

0 Kudos
m_chasserot
Explorer

Hello Albin.

Did you find answers to your questions?:

- how do I know where in the chain a module is working for example WS or RTM module?

- what does the output of fw ctl conn -a mean?

- how do I kno which chains make up every module?

Thanks in advance.

0 Kudos
m_chasserot
Explorer

Hello Albin.

Did you find answers to your questions?

Thanks

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events