This section contains a summary of the Gaia CLI commands that configure Link Aggregation. Link Aggregation (Bonding) - Quick Reference for Gaia Clish Commands This is a quick reference for Link Aggregation commands. Use these commands to configure Link Aggregation. Like a cheat sheet for CLI commands? CHECKPOINT GAIA CLISH COMMANDS. Save config: save the current configuration: show commands: shows all commands.
In This Chapter |
This chapter gives an introduction to the Gaia command line interface (CLI).
The default shell of the CLI is called clish.
To use the CLI:
- Connect to the platform using a command-line connection (SSH or a console) over a TCP/IP network.
- Log on using a user name and password.
Immediately after installation, the default user name and password are
adminandadmin.
Saving Configuration Changes
Configuration changes you enter using the CLI are applied immediately to the running system. To ensure that these changes remain after you reboot, that is, to save your changes permanently, run save config at the CLI prompt.
Commands and Features
Gaia commands are organized into features. A feature is a group of related commands.
Commands have the syntax
The most common operations are show, add, set, delete
The 4 main operations | Description | ||
|---|---|---|---|
| Sets a value in the system. | ||
| Shows a value or values from the system. | ||
| Deletes a value from the system. | ||
| Adds a new value to the system. | ||
Other operations | Description | ||
| Saves the configuration changes made since the last save operation. | ||
| Restart the system. | ||
| Turns the computer off. | ||
| Exits from the CLI. | ||
| Exits from the shell. | ||
| Starts a transaction. Puts the CLI into transaction mode. All changes made using commands in transaction mode are applied at once or none of the changes are applied based on the way transaction mode is terminated. | ||
| Ends transaction by committing changes. | ||
| Ends transaction by discarding changes. | ||
| Enter the expert shell. Allows low-level access to the system, including the file system. | ||
| Shows the version of the active Gaia image | ||
| Revert the database | ||
| Get help on navigating the CLI and some useful commands. | ||
To do this | Type | ||
Shows all commands that the user has permissions to run | |||
Show a list of all features | |||
Shows all commands for a specific feature | For example | ||
Show all the possible operations | For example | ||
Show all commands per operation, per feature | For example | ||
At the --More-- prompt:
To do this... | Type |
|---|---|
To see the next page. | <SPACE> |
To see the next line. | <ENTER> |
To exit to the CLI prompt | <Q> or <q> |
Command Completion
You can automatically complete a command. This saves time, and can also help if you are not sure what to type next.
Press ... | To do this... |
|---|---|
<TAB> | Complete or fetch the keyword. For example |
<SPACE> <TAB> | Show the arguments that the command for that feature accepts. For example: |
<ESC><ESC> | See possible command completions. For example |
? | Get help on a feature or keyword. For example |
UP/DOWN arrow | Browse the command history |
LEFT/RIGHT arrow | Edit command. |
Enter | Run a command string. The cursor does not have to be at the end of the line. You can usually abbreviate the command to the smallest number of unambiguous characters. |
Command History
You can recall commands you have used before, even in previous sessions.
Command | Description |
|---|---|
↓ | Recall previous command. |
↑ | Recall next command |
history | Show the last 100 commands. |
!! | Run the last command. |
!nn | Run a specific previous command: The nn command. |
!‑nn | Run the nnth previous command. For example, entering !‑3 runs the third from last command. |
!str | Run the most recent command that starts with str. |
!?str? | Run the most recent command containing str. The trailing ? may be omitted if str is followed immediately by a new line. |
!!:s/str1/str2 | Repeat the last command, replacing str1 with str2 |
Command Reuse
You can combine word designators with history commands to refer to specific words used in previous commands. Words are numbered from the beginning of the line with the first word being denoted by 0. Use a colon to separate a history command from a word designator. For example, you could enter !!:1 to refer to the first argument in the previous command. In the command show interfaces, interfaces is word 1.
Word Designator | Meaning |
|---|---|
| The operation word. |
| The |
| The first argument; that is, word 1. |
| The last argument. |
| The word matched by the most recent |
Immediately after word designators, you can add a sequence of one or more of the following modifiers, each preceded by a colon:
Modifier | Meaning |
|---|---|
| Print the new command but do not execute |
| Substitute |
| Apply changes over the entire command. Use this modified in conjunction with |
Command Line Movement and Editing
You can back up in a command you are typing to correct a mistake. To edit a command, use the left and right arrow keys to move around and the Backspace key to delete characters. You can enter commands that span more than one line.
These are the keystroke combinations you can use:
Keystroke combination | Meaning |
|---|---|
Alt-D | Delete next word. |
Alt-F | Go to the next word. |
Ctrl-Alt-H | Delete the previous word. |
Ctrl-shift_ | Repeat the previous word. |
Ctrl-A | Move to the beginning of the line. |
Ctrl-B | Move to the previous character. |
Ctrl-E | Move to the end of the line. |
Ctrl-F | Move to the next character. |
Ctrl-H | Delete the previous character. |
Ctrl-L | Clear the screen and show the current line at the top of the screen. |
Ctrl-N | Next history item. |
Ctrl-P | Previous history item. |
Ctrl-R | Redisplay the current line. |
Ctrl-U | Delete the current line. |
Obtaining a Configuration Lock
Only one user can have Read/Write access to Gaia configuration settings at a time. All other users can log in with Read-Only access to see configuration settings, as specified by their assigned roles.
When you log in and no other user has Read/Write access, you get an exclusive configuration lock with Read/Write access. If a different user already has the configuration lock, you have the option to override their lock. If you:
- Override the lock, the other user stays logged in with Read-Only access.
- Do not override the lock, you cannot modify the settings.
Use the database feature to obtain the configuration lock. The database feature has two commands:
lock database [override].unlock database
The commands do the same thing: obtain the configuration lock from another administrator.
Description | Use the |
Syntax |
|
Comments | Use these commands with caution. The admin whose write access is revoked does not receive notification. |
Configuring Configuration Lock Behavior
The behavior of the configuration lock command is configured using: config-lock.
Description | Configures and shows the state of the configuration lock | ||||||
Syntax |
| ||||||
Parameters |
| ||||||
Comments |
|
32 and 64-bit Gaia Editions
64-bit support for a Gaia device depends on the appliance type (for a Check Point appliance) and hardware capabilities (for open servers).
For more on supported platforms and kernels, see the R76 Release notes.
Open servers always install a 32-bit kernel, but you can switch to the 64-bit kernel using the Edition feature.
Note - The open server hardware must support 64-bit for the Edition feature to work. |
Description | Use the Edition feature to change between 32 and 64-bit versions of Gaia. | |||
|---|---|---|---|---|
Syntax | ||||
| ||||
Comments |
|
To see which edition is running:
- Go to the WebUI System Overview pane. The edition shows in the System Overview widget.
or
- On the command line, run:
show version os edition
Environment Commands
Description | Use these commands to set the CLI environment for a user for a particular session, or permanently. | ||||||||||||||||||||||
Syntax | To show the client environment To set the client environment To save the client environment permanently | ||||||||||||||||||||||
Parameters |
|
Client Environment Output Format
Description | The CLI supports three output formats: pretty, structured, and xml. | ||||||||
Syntax | To show the output format To set the output format | ||||||||
Parameters |
|
Expert Mode
The default shell of the CLI is called clish. Clish is a restrictive shell (role-based administration controls the number of commands available in the shell). While use of clish is encouraged for security reasons, clish does not give access to low level system functions. For low level configuration, use the more permissive expert shell.
- To use the expert shell, run:
expert - To exit the expert shell and return to
clish, run:exit
Expert- Password
A password protects that expert shell against authorized access. The expert password can be changed using the expert-password feature.
Description: | Use this command to set the expert password by plain text or MD5 salted hash. Use the MD5 salted hash option when upgrading or restoring using backup scripts. | |||
Syntax: |
| |||
| ||||
Example: |
| |||
Important - You must run | ||||
Checkpoint Commands Pdf
User Defined (Extended) Commands
Description | Manage user defined (extended) commands in clish. Extended commands include:
You can do role based administration (RBA) with extended commands by assigning extended commands to roles and then assigning the roles to users or user groups. | ||||||||
Syntax | To show all extended commands To show the path and description of a specified extended command To add an extended command To delete an extended command | ||||||||
Parameters |
| ||||||||
Example | To add the
|
Gaia: Backup and Restore From CLI (Clish)
Checkpoint Gaia Cli Commands Linux
This article provides a quick tutorial on how to make a Gaia: backup and restore from the CLI (Clish shell) in Gaia. Depending which version of Gaia you are using, you may or may not have the option to perform a backup or restore from the Web GUI under the “Maintenance” section or you may only have SSH access – having the skill to do this from the command line is important either way.
For the methods below the following apply:
- x.x.x.x should be replaced by the IP of the server
- myuser should be replaced by a valid username for the server.
- mybackupfile.tgz should be replaced by the name of your backup file
- You will be prompted for the password on the command line if you are using FTP or SCP
Backup
Cli Commands Pdf
The add backup command is what we use to initiate a backup from the CLI. We also need to pass a parameter to define where the backup is to be saved: local, FTP, TFTP or SCP:
- To save a backup locally:
add backup local
- To save a backup on a remote server using FTP:
add backup ftp ip x.x.x.x username myuser password plain
- To save a backup on a remote server using TFTP:
add backup tftp ip x.x.x.x
- To save a backup on a remote server using SCP:
add backup scp ip x.x.x.x username myuser password plain
Note:
- You can use the show backups command to see the status of any current and completed backups.
- Backup configurations on Check Point appliances are stored in /var/log/CPbackup/backups/
- Backup configurations on Open Servers are stored in /var/CPbackup/backups/
Checkpoint Gaia Cli Commands Tutorial
Restore
To restore a backup we use the set backup restore command and as with the backup, we pass the relevant parameters:
- To restore a local backup:
set backup restore local <TAB>
- To restore a backup from a remote server using FTP:
set backup restore ftp ip x.x.x.x file mybackupfile.tgz username myuser password plain
- To restore a backup from a remote server using TFTP:
set backup restore tftp ip x.x.x.x file mybackupfile.tgz
- To restore a backup from a remote server using SCP:
set backup restore scp ip x.x.x.x username myuser password plain
Checkpoint Gaia Cli Commands Command
Remember!
- Restore is only allowed using the same Gaia version on the source and target computers.
- Restore is only allowed using the same appliance type on the source and target computers.
- The backup file name generated by the backup command should not be renamed and must not contain spaces.
- When backing to an SCP or FTP server, the backup file is put in the user’s home folder. When restoring from SCP or FTP the backup file is taken from the user’s home folder.
- This is not applicable to VSX – to backup and restore VSX, see sk100395 for details.
Related posts: