Installation guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED

141

142

143

144

145

146

147

148

149

150

145

NGFW Engine Commands

sg-toggle-active

SHA1 SIZE |

--force [--debug]

Firewall,

Layer 2

Firewall,

IPS

Switches the engine between the active and the inactive

partition. This change takes effect when you reboot the engine.

You can use this command, for example, if you have upgraded an

engine and want to switch back to the earlier engine version.

When you upgrade the engine, the active partition is switched.

The earlier configuration remains on the inactive partition. To see

the currently active (and inactive) partition, see the directory

listing of /var/run/stonegate (ls -l /var/run/

stonegate).

The SHA1 SIZE option is used to verify the signature of the

inactive partition before changing it to active. If you downgrade

the engine, check the checksum and the size of the earlier

upgrade package by extracting the signature and size files from

the sg_engine_[version.build]_i386.zip file.

--debug option reboots the engine with the debug kernel.

--force option switches the active configuration without first

verifying the signature of the inactive partition.

sg-upgrade Firewall

Upgrades the node by rebooting from the installation DVD.

Alternatively, the node can be upgraded remotely using the

Management Client.

sg-version

Firewall,

Layer 2

Firewall,

IPS

Displays the software version and build number for the node.

se-virtual-engine

-l | --list

-v <virtual engine ID>

-e | --enter

-E “<command [options]>”

-h | --help

Firewall

(Master

Engine

only)

Used to send commands to Virtual Firewalls from the command

line of the Master Engine. All commands that can be used for the

Firewall role can also be used for Virtual Firewalls.

-l or --list list the active Virtual Security Engines.

- v <virtual engine ID> specifies the ID of the Virtual

Security Engine on which to execute the command.

-e or --enter enters the command shell for the Virtual

Security Engine specified with the -v option. To exit the

command shell, type exit.

-E “<command [options]>” executes the specified

command on the Virtual Security Engine specified with the -v

option.

-h or --help shows the help message for the se-virtual-engine

command.

Table A.2 NGFW Engine Command Line Tools (Continued)

Command

Engine

Role

Description