route <interface> <ip to route> <subnet mask> <gateway IP>

[ # ]

!! On Primary Firewall
interface <int>        !! configure each interface with standby ip
ip address <ip> <netmask> standby <standby-ip>

interface <failover-int>
description LAN Failover Interface
no shutdown
exit
failover
failover lan unit primary
failover lan interface failover <failover-int>
failover interface ip failover <failover-int-ip> 255.255.255.0 standby <failover-int-standby-ip>

!! On Secondary Firewall
failover
failover lan unit secondary
failover lan interface failover <failover-int>
failover interface ip failover <failover-int-ip> 255.255.255.0 standby <failover-int-standby-ip>

[ # ]

cpinfo -y all

[ # ]

ckp_regedit -p 'SOFTWARE/CheckPoint/SIC' | egrep -o '[[:digit:]]{1,3}.[[:digit:]]{1,3}.[[:digit:]]{1,3}.[[:digit:]]{1,3}'

Notes:

  • Alternatively, you can leave off the grep portion of the command to view the SIC certificate

[ # ]

lvresize -L 20GB /dev/vg_splat/lv_current         !! Sets the logical volume size
Reboot into maintenance mode   !! View boot menu to see 'Maintenance Mode' option - you do need the expert password.  if your current acct has expert type "passwd root" to reset it.
e2fsck -f /dev/mapper/vg_splat-lv_current
resize2fs /dev/mapper/vg_splat-lv_current
Reboot

Notes:

  • Especially useful for UTMs with small root partitions. Upgrades can fail due to this.

[ # ]

cphastop
mount -t iso9660 -o loop <iso_image> /mnt/cdrom
cd /mnt/cdrom
patch add cd

Notes:

  • It's best to verify these steps from Release Notes
  • After install, modify CP object in policy to reflect new version and push policy
  • HFAs will use ./UnixInstallScript instead of 'patch add cd'

[ # ]

route add -net <IP>/<cidr> gw <next hop IP>
route add -host <IP> gw <next hop IP>
route add default gw <gateway>
route del -net <IP>/<cidr> gw <next hop IP>
route --save

[ # ]

useradd -u 0 -o -g 0 -m <username> -s /bin/rbash

[ # ]

/usr/sbin/dmidecode

Notes:

  • Use '/usr/sbin/dmidecode | grep "Product Name" to view specific hardware name

[ # ]

ip route get <ip>
route -n

[ # ]