Hi everyone,

I found an interesting part of documentation regarding the Integer Kernel Parameters and String Kernel Parameters.

It is possible with a command to show a list of all the parameters and string and the values that have been set.

This is stated in: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SecurityGateway_Guide/Conten...

These are the steps for Integer parameters:

1	Connect to the command line on your Security Gateway / each Cluster Member . Note - On Scalable Platforms (Maestro and Chassis), you must connect to the applicable Security Group.
2	Log in to the Expert mode.
3	Make sure you can get the list of the available integer kernel parameters and their values without errors:   Note - The configuration of your Security Gateway might not support all kernel parameters. As a result, the Security Gateway might fail to get the value of some kernel parameters. modinfo -p $FWDIR/boot/modules/fw_kern*.o | sort -u | grep ':int param' | awk 'BEGIN {FS=":"} ; {print $1}' | xargs -n 1 fw ctl get int
4	If in the previous step there were no errors, get the list of the available integer kernel parameters and their values, and save the list to a file: modinfo -p $FWDIR/boot/modules/fw_kern*.o | sort -u | grep ':int param' | awk 'BEGIN {FS=":"} ; {print $1}' | xargs -n 1 fw ctl get int 1>> /var/log/fw_integer_kernel_parameters.txt 2>> /var/log/fw_integer_kernel_parameters.txt
5	Analyze the output file: /var/log/fw_integer_kernel_parameters.txt

For string it is similar:

1	Connect to the command line on your Security Gateway / each Cluster Member. Note - On Scalable Platforms (Maestro and Chassis), you must connect to the applicable Security Group.
2	Log in to the Expert mode.
3	Make sure you can get the list of the available integer kernel parameters and their values without errors:   Note - The configuration of your Security Gateway might not support all kernel parameters. As a result, the Security Gateway might fail to get the value of some kernel parameters. modinfo -p $FWDIR/boot/modules/fw_kern*.o | sort -u | grep ':string param' | awk 'BEGIN {FS=":"} ; {print $1}' | xargs -n 1 fw ctl get str
4	If in the previous step there were no errors, get the list of the available string kernel parameters and their values, and save the list to a file: modinfo -p $FWDIR/boot/modules/fw_kern*.o | sort -u | grep ':string param' | awk 'BEGIN {FS=":"} ; {print $1}' | xargs -n 1 fw ctl get str 1>> /var/log/fw_string_kernel_parameters.txt 2>> /var/log/fw_string_kernel_parameters.txt
5	Analyze the output file: /var/log/fw_string_kernel_parameters.txt

I have tried step 3 on a few gateways but it get's stuck on  different parameter and does not proceed with the rest.

Step 4 output file contains only an error.

Anyone has an idea how to generate the full list and skip the ones that give an error?

Expample:

(I cut out the above parameters)

bypass_on_enhanced_ssl_inspection = 0
bypass_reverse_dns_rad_request = 1
ccc_in_separate_daemon = 0
ccc_policy_timestamp = 0
Get operation failed: failed to get parameter ccl_correct_dr_between_chassis
get: Operation failed
xargs: fw: terminated by signal

Different gateway:

fwconn_tracker_monitor = 'default'
fwha_azure_default_mac = '12:34:56:78:9a:bc'
fwha_group_of_bonds_str = ''
Get operation failed: failed to get parameter fwha_mbs_amw_policy_time_formated_str
get: Operation failed
xargs: fw: terminated by signal 9