Firewall Stopped Logging

Your Checkpoint firewall may stop logging to the management server for any number of reasons, to restart use the following commands:

Stop fwd:

cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"

Start fwd:

cpwd_admin start -name FWD -path "$FWDIR/bin/fw" -command "fwd"

If successful you should see an information message in the management tracker similar to stating "sys_message: started logging".

You may also want to verify masters is pointing to a valid DNS/IP of your log server:

cat $FWDIR/conf/masters
Tagged as: , , No Comments