Command-line reference
Following are general guidelines to using the CLI.
- For admin users, use the
help
command to view a list of all available commands - All commands can be run with the “help” option to view detailed help about that
command. For example:
iface help
- The CLI shell offers auto-complete for command names using the TAB key. For example, typing the letter “i” plus TAB will display all commands that start with the letter “i.”
- The CLI shell implements command history. Use the up/down arrows to view/run/ modify
previously entered commands, sequentially.
Some commands’ output may exceed the height of the screen. Use the terminal software to scroll back and view all output.
- All commands and their arguments are case sensitive.
- Abbreviations are not accepted in the CLI; it is necessary to type the entire word. The TAB button can be used to complete partially typed commands.
- Some command output may exceed the length of the screen. Once the screen is full, the CLI will prompt –more-. Use the spacebar to display the next screen.
Action | Syntax | Description |
---|---|---|
Exit the command line interface | exit |
Exits the user from the Forcepoint Protector CLI and returns to the login prompt or to a wrapper shell environment. |
Show CLI help messages | help |
This command displays all available commands with a small description for each. The list of available commands depends on the user’s profile. All commands support the help argument. When used, the command displays a help message relevant to that command.
|
Accessing the basic configuration wizard | wizard |
Opens the Forcepoint Protector Installation Wizard. The user can also run
|
Rebooting the protector | reboot |
Reboots the protector. The protector is shut down and restarted immediately after the command is executed. |
Turning off the protector | shutdown |
Shuts down the protector. The protector is shut down and powered off immediately after the command is executed. |
Showing the Forcepoint Protector version | version |
Displays the protector version information.
|
Setting or showing the system date | date [-d] [dd-mmm-yyyy] |
Sets or displays the date of the protector. By default, the command displays the current date. Otherwise, the argument is used to set the date of the protector. The
Parameters: If the -d option is given, the date is displayed or set using an all digit format (mm/dd/ yyyy, for example: 07/31/2017). Otherwise, a dd-mmm-yyyy format is used. dd is the
day of the month [01 to 31] mmm is the month in abbreviated 3-letter format [Jan, Feb, Mar, etc.] yyyy is the year [2016,
2017]
|
Setting or showing the system time | time -h [HH[:MM[:SS]]] |
Sets or displays the time in the protector. By default, the command displays the current time. The
time command is also a native Linux command. Root users can access the CLI command by running it with its full
path:
Parameters:
|
Modify or show system time zone | timezone [list, show, set <timezone>] |
Shows or sets the protector time zone. Parameters:
Default: When no argument is given, "show" is assumed.
|
Viewing protector information | info { cpu | memory | network | diag | uptime | hardware | features} info stats [reset] |
Displays information about the Forcepoint protector. Root users must access the CLI command by running it with its full path:
Parameters:
|
Collecting statistics | debug stats [-d] [-i <interval> | -n <count>] |
This command allows a user to collect statistics about network behavior over time. It does so by running info stats at specified intervals for a given number of times. The collected statistics are saved in a CSV file for easy manipulation and analysis in spreadsheet tools such as Microsoft Excel. The resulting file is saved as:
Parameters:
Default: The default interval is every 60 seconds. The default number is 1440 (which is the equivalent of 24 hours of statistics when the default interval of 60 is
selected).
|
Configure or show the DNS server(s) | dns [list | delall] dns [{add | del}] <ip_address>] |
Lists, adds, or deletes DNS servers. Parameters:
|
Configure or show the default domain name(s) | domain [list | delall] domain [{add (-m) | del} <domain>] |
Lists, adds, or deletes default domain names in the protector. Parameters:
|
Configure or show the default gateway |
|
By default, displays the current defined gateway. Using the parameters, it is possible to set or delete the default gateway of the protector. Parameters:
If this command is run from a remote SSH session, the session may terminate.
|
Configure or show the hostname | hostname <name> |
Displays the current hostname. The parameter can also set a unique name by which to identify the protector. Parameters: If a name is given, the hostname is set to the given name. Otherwise, the hostname is displayed.
|
Configure or show interface information |
|
Configures and displays the protector’s network interface information. When invoked without arguments or with the
list option, the command displays a list of all
available interfaces in the system. When invoked with only an interface name, the command shows detailed information about that interface. Any other invocation method configures the
interface denoted in ifname.Note: Use a console connection to the protector when using this command to configure the management interface, (and not a remote SSH connection).
Using the latter may terminate the session to the protector. In addition, if the IP address is changed, it may be required to re-establish secure communication with the Forcepoint
DLP server (by re- running the configuration wizard).
Parameters:
Default:
Example:
|
Add or delete routing information |
|
Adds or deletes route entries in the protector. When adding or deleting routes to networks, use the x.x.x.x/prefix format. For example: 192.168.1.0/24. Parameters:
|
Manage users |
|
Use the “user” command to define additional system access accounts. Each account has a profile that defines the operations available to users. The available profiles are:
The list of commands each profile can run cannot be changed. Parameters:
|
Filtering monitored networks |
|
Use the Forcepoint Management Interface to define which networks are monitored by the protector. This CLI command enables advanced filtering of monitored networks.
Note: Forcepoint recommends testing the filter using tcpdump before setting the filter. This ensures that the
protector recognizes the filter expression.
Parameters:
This command sets the protector to monitor all TCP traffic to/from 10.0.0.1 and ignore all other hosts in the network. If VLAN is used, it should be listed first in the filter (“vlan and tcp” instead of “tcp and vlan”). |