Troubleshooting guide
Chapter 2 Troubleshooting Tools fwinfo
Advanced Technical Reference Guide 4.1 • June 2000 6
Troubleshooting Tools
This chapter describes the most important tools for Troubleshooting VPN-1/FireWall-1 problems. These tools
include fwinfo, Control (fw ctl) commands, the Monitor (fw monitor) Command and debugging with
INSPECT.
fwinfo
Introduction
fwinfo is used to collect information that is used for debugging and solving VPN-1/FireWall-1 problems. It
runs operating system and VPN-1/FireWall-1 commands and gathers information on the system parameters of
the machine on which VPN-1/FireWall-1 is installed, and on VPN-1/FireWall-1 parameters such as interfaces
and tables. The resulting file will usually be sent to Check Point Support (support@ts.checkpoint.com)for
analysis.
How to create fwinfo
On NT
Issue the command:
fwinfo > file_name
The resulting file file_name will be uncompressed and not decoded. You should compress it before sending
it to Check Point Support for analysis. Use any zip utility such as gzip, pkzip or winzip.
On UNIX
1. Before running fwinfo, make sure that the result of the echo $FWDIR command is /etc/fw
(normally the FireWall directory). If it isn’t, type
setenv FWDIR /etc/fw
2. Login as a super user (recommended)
3. Run the script
$FWDIR/bin/fwinfo | compress | uuencode fwinfo.Z > /tmp/fwinfo.uue
which will do the following:
(1) Run the fwinfo script (the directory will be tar compressed to fwinfo.tar,then
(2) gzip the file to fw.tar.gz,then
(3) uuencode it to fwinfo, then
(4) Compress it under the original file name fwinfo.Z,then
(5) The file will be uuencoded
The result is the file /temp/fwinfo.uue