ISS Proventia - Disable Firewall (Unload Policy)

iss proventia 
firewall-<disable|enable>

[ # ]

ISS Proventia - Install Hotfix

iss proventia 
wget -c https://<url>/<file>.pkg
hotfix-install <file>.pkg

[ # ]

ISS Proventia - Interface Configuration

iss proventia 
ifconfig <interface> <ip> netmask <netmask> up

Notes:

  • Useful for modifying IP without updating via Site Protector

[ # ]

ISS Proventia - Important Files

iss proventia 
cat /etc/crm/policies/cml/NetworkObjects/* | grep <object name>
cat /etc/crm/policies/cml/NetworkProtector/fwm/* | grep <rule specifics>
more /igateway/policy/current/ham  !! Firewall's current failover status

[ # ]

ISS Proventia - Force Heart and View Push Logs

iss proventia 
service iss-spa doheartbeat; tail -f /var/log/messages | egrep -i 'cfg|iss-spa|error'

[ # ]

ISS Proventia - Dump Policy Rules, NATs, etc

iss proventia 
firewall-dump

[ # ]

ISS Proventia - Failover Status

iss proventia 
more /igateway/policy/current/ham  !! View firewall's current HA status
grep -i "failover" /var/log/messages  !! Search for failover logs

[ # ]

ISS Proventia - Firmware Update

iss proventia 
update-control -f  !! Find Update
update-control -d  !! Download Update
update-control -i fw  !! Install Update

Notes:

  • Use at your own risk, unverified

[ # ]

ISS Proventia - Licensing

iss proventia 
issasApache -a si   !! View Licenses
iss-licinst --licfile <filename>.isslicense  !! Manually update license from file

Notes:

  • 'true' next to dates indicates expired license

[ # ]

ISS Proventia - Manually Failover Firewalls

iss proventia 
service hearbeat restart

Notes:

  • Performed on the active unit

[ # ]