Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide

Debugging the Security Servers

In FireWall-1 4.1 and earlier, in order to debug the Security Servers, you were required to set environment variables and restart the fwd process. In FireWall-1 NG, you can now perform debugging without restarting any processes. When these variables are set, FireWall-1 logs the information generated into the various files in $FWDIR/log. Each Security Server has its own file with a .elg extension (e.g., the HTTP Security Server has ahttpd.elg, the FTP Security Server has ftpd.elg, and so on).

To enable debugging for the HTTP Security Server, issue the following command from your firewall module:

# fw debug on in.ahttpd FWAHTTPD_LEVEL=3

To disable debugging, issue the following command from your firewall module: ...

Get Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide by Dameon D. Welch-Abernathy

Debugging the Security Servers

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly