1) How can I do a tcpdump that ignores pings (icmp echo-request and echo-reply)?
2) Tell me about FW-1 version 3078 on a Nokia.
3) I am getting the message "fw: halloc: memory exhausted" on my console (Phoneboy).
4) VRRP failover occasionally flops over to the secondary for no apparent reason.
5) My firewall reboots every time I type "fwstop".
6) I made a dnsinfo.C file, and now it is gone!
7) How do I change my serial number in Voyager?
8) How do I reset the admin password?
9) I can't get rid of floodgate in NG!
10) Can I monitor throughput?
11) "error: invalid compressed size for <image>.tgz"
12) I boot my IP330 and get "[[5n", then it goes straight into BIOS.
13) I can't get into Voyager because someone else has a lock.
This command shows all ICMP packets that are neither echo-requests (type 8) nor echo-replies (type 0):
tcpdump -i eth-s2p2c0 'icmp[0] != 8 and icmp[0] != 0'
This command shows all ICMP packets that are not ping packets, plus all TCP packets that begin or end a session (SYN and FIN packets):
tcpdump -i eth-s2p2c0 '(icmp[0] != 8 and icmp[0] != 0) or (tcp[13] & 3 != 0)'
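What the byte offsets in the filter above select, as an added example that is not part of the original FAQ: a small Python evaluator for the same expression, run over constructed packets. It assumes unfragmented IPv4; the helper names and sample addresses are made up for illustration.

```python
import struct

ICMP, TCP = 1, 6  # IPv4 protocol numbers

def ipv4(proto, payload, options=b""):
    """Constructed IPv4 packet (checksum left 0); options must be a multiple of 4 bytes."""
    ver_ihl = 0x40 | (5 + len(options) // 4)
    total = 20 + len(options) + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, total, 0, 0, 64, proto, 0,
                      bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + options + payload

def icmp(icmp_type):
    # type, code, checksum, identifier, sequence
    return struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)

def tcp(flags):
    # sport, dport, seq, ack, data offset (5 words), flags, window, checksum, urgent
    return struct.pack("!HHIIBBHHH", 40000, 443, 0, 0, 5 << 4, flags, 8192, 0, 0)

def matches(packet):
    """Evaluate (icmp[0] != 8 and icmp[0] != 0) or (tcp[13] & 3 != 0) on one packet."""
    ihl = (packet[0] & 0x0F) * 4   # IP header length; proto[N] is counted from its end
    l4 = packet[ihl:]
    if packet[9] == ICMP:
        return l4[0] != 8 and l4[0] != 0   # byte 0 of ICMP = message type
    if packet[9] == TCP:
        return (l4[13] & 3) != 0           # byte 13 of TCP = flags; FIN=0x01, SYN=0x02
    return False

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "icmp echo-request": ipv4(ICMP, icmp(8)),
    "icmp echo-reply": ipv4(ICMP, icmp(0)),
    "icmp echo-request, IP options": ipv4(ICMP, icmp(8), b"\x01\x01\x01\x00"),
    "icmp dest-unreachable": ipv4(ICMP, icmp(3)),
    "icmp time-exceeded": ipv4(ICMP, icmp(11)),
    "tcp SYN": ipv4(TCP, tcp(0x02)),
    "tcp SYN+ACK": ipv4(TCP, tcp(0x12)),
    "tcp ACK": ipv4(TCP, tcp(0x10)),
    "tcp FIN+ACK": ipv4(TCP, tcp(0x11)),
    "tcp RST": ipv4(TCP, tcp(0x04)),
}

def classify():
    return {name: matches(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, shown in classify().items():
        print(f"{'shown ' if shown else 'hidden'}  {name}")
```

Note that a session torn down with RST (flag bit 0x04) does not match the mask 3, so it stays hidden; a mask of 7 would include it.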
Alter the amount of memory allocated to the FW1 module. For NG FP2+, this can be done through the GUI under the firewall object itself. Older (4.1) systems require the modzap utility to modify kernel memory allocation. See Nokia resolution 1325 for details.
Make sure that the virtual MAC addresses that you are using are of the form xx:xx:xx:xx:xx:xx. That is, don't type "1", use "01".
If you have fw-1 4.1sp2 and IPSO 3.3, you must upgrade the firewall to sp3. There is a problem with the cache flow feature that causes this. As a hack, you can turn off flows with "ipsofwd slowpath", but you must do this each time you stop the firewall (see Nokia knowledge base for full details).
You most likely upgraded your firewall software. The migration scripts do not migrate that file (before NG, anyway). Look in your old directories in /opt.
Edit the /var/etc/.nvram file and reboot.
Reboot the box. In a serial console session, interrupt the boot sequence when you see "boot:" by typing "-s". This boots you into single-user mode, which does not require a password. At this point, you can type "/etc/overpw" to clear the password, or "dbpasswd admin <newpassword>" and then "dbset :save" to save. If you are on IPSO 3.4 or higher, overpw is preferred.
Go to the $CPSHARED/registry directory. Usually this is /opt/CPshared/5.0/registry or some such. Edit the HKLM_registry.data file (make a backup first). This is the Check Point registry file. Under SOFTWARE\CheckPoint\CPshared\5.0\ set ":Floodgate-1 (0)". Under SOFTWARE\CheckPoint\FW1\5.0, set:
:FloodGate ("[4]0")
:FGManagement ("[4]0")
Next, do a cpstop/cpstart. If you are going to ask, I have no idea what the 4 is, but the default seems to be "[4]1".
Sure. Try MRTG.
Either the image is corrupt, or your FTP server sucks. Try either re-downloading the software or using a more stable FTP server.
HyperTerminal under W2K and XP sucks. Use a 3rd-party terminal client, or else boot the Nokia without connecting the serial cable (see Nokia Resolution 6837).
IPSO 3.7 introduced a locking mechanism to prevent two admins from writing at the same time. Unfortunately, it is a little sloppy right now and it is easy to lock yourself out. To remove the lock, use the "clish" shell interface. Type "clish", and then in the shell, type:
set config-lock on override
set config-lock off
Copyright 2006, Security Evolution, Inc.