Syntax of the CLI command system
Last adaptation to the version: 14.0.0 (11.2024)
New:
- New Traceroute parameters: source_addr and source
- Extensive completion of commands
- Layout adjustment
This article refers to a Beta version
System
| Command | Parameters | Description | Example |
|---|---|---|---|
system datesystem date getsystem date get |
Display the current system time | system date get | |
system date setsystem date set |
Change system time and date | system date set date "2013-10-21 15:48:52" | |
| date | New date (“YYYY-MM-DD hh:mm:ss”) | ||
system infosystem info |
Displays system information | system info | |
system supportinfosystem supportinfo |
system supportinfo | ||
system specssystem specs |
system specs | ||
system featuressystem features |
Shows whether the system features http-proxy-Statistics, wifi and umts are enabled or disabled | system features | |
system registersystem register |
Registers a new license on the UTM After executing the command, the license key, which can be copied from the .pem file, must be copied into the CLI. Then, press STRG + D to exit.
|
system register Return Insert license Return | |
system rebootsystem reboot |
Reboots the system | system reboot | |
system poweroffsystem poweroffsystem poweroff |
Shutting down the system | system poweroff | |
system restrictionssystem restrictions getsystem restrictions get |
system restrictions get | ||
system restrictions updatesystem restrictions update |
system restrictions update | ||
system configsystem config loadsystem config load |
Loads a configuration | system config load name "configname" | |
| name | Name of a configuration | ||
system config load_dryrunsystem config load_dryrun |
system config load_dryrun name "configname" | ||
| name | Name of a configuration | ||
system config savesystem config save |
Saves a configuration | system config save name "configname" | |
| name | Name of a configuration | ||
system config newsystem config new |
Creates a new configuration | system config new name "new_config" | |
| name | Name of the new configuration | ||
system config clonesystem config clone |
Clones/copies a configuration | system config clone name "configname" new_name "new_config" | |
| name | Name of a configuration | ||
| new_name | Name of the cloned configuration | ||
system config deletesystem config delete |
Deletes a configuration | system config delete name "configname" | |
| name | Name of a configuration | ||
system config setsystem config set |
Changes the boot configuration | system config set name "configname" | |
| name | Name of a configuration | ||
system config setupsystem config setup |
|||
system config getsystem config get |
Listing of the existing configurations | system config get | |
system config exportsystem config export |
Exports a configuration in form of a download key After screen output copy this key into a text file |
system config export name "configname" | |
| name | Name of a configuration | ||
system config importsystem config import |
Funktioniert derzeit in der CLI nicht, bitte über das Webinterface importieren | ||
system config factorysettingssystem config factorysettings |
Sets a configuration to factory setting | system config factorysettings | |
system config reportsystem config report |
Generates a system report in pdf format Saved at /var/www/admin/private |
system config report | |
system config otpexportsystem config otpexport |
Generates a list of OTP Secrets in pdf format Saved under /var/www/admin/private |
system config otpexport | |
system config xmlreportsystem config xmlreport |
Output of the current configuration in XML format | system config xmlreport | |
system config synchronizesystem config synchronize |
Synchronizes the configurations between the devices operating in the cluster | system config synchronize | |
system config synchronize_dryrunsystem config synchronize_dryrun |
system config synchronize_dryrun | ||
system updatesystem update systemsystem update system |
Update System Settings | system update system | |
system update interfacesystem update interface |
Updates network interfaces | system update interface | |
system update rulesystem update rule |
Updates rules | system update rule | |
system update routesystem update route |
Updates routes | system update route | |
system update qossystem update qos |
Update QoS | system update qos | |
system update tifsystem update tif |
Updated Threat Intelligence Filter | system update tif | |
system lsrrdsystem lsrrd |
Listing of the RRD files | system lsrrd | |
system rrd refreshsystem rrd refreshsystem rrd refresh |
system rrd refresh | ||
system contentfiltersystem contentfilter categorizesystem contentfilter categorize |
Output of the category of a url for the content filter | system contentfilter categorize url www.clamav.com | |
| url | |||
system contentfilter getsystem contentfilter get |
Listing ID/Names of the categories | system contentfilter get | |
system ssh pubkeysystem ssh pubkey newsystem ssh pubkey new |
Adds a new SSH key | system ssh pubkey new key "AAAAB3NzaC1yc2EAAAABIwAAA..." | |
| key | Value of the key | ||
system ssh pubkey getsystem ssh pubkey get |
Outputs all current public SSH keys | system ssh pubkey get | |
system ssh pubkey deletesystem ssh pubkey delete |
Deletes the SSH key | system ssh pubkey delete id "8" | |
| id | Id of a SSH key | ||
system ssh pubkey enablesystem ssh pubkey enable |
Disables an SSH key | system ssh pubkey enable id "8" | |
| id | Id of a SSH key | ||
system ssh pubkey disablesystem ssh pubkey disable |
Activates an SSH key | system ssh pubkey disable id "8" | |
| id | Id of a SSH key | ||
system generatesystem generate sshdkeyssystem generate sshdkeys |
Creates new keys for SSH connections to the appliance | system generate sshdkeys | |
system generate webservercertsystem generate webservercert |
Generates new UTM web server certificates | system generate webservercert | |
system generate dhparamssystem generate dhparams |
Generates new Diffie-Hellman parameter files | system generate dhparams | |
system cipherssystem ciphers |
Lists the encryptions of a cipher list | system ciphers value "MEDIUM" | |
system predictable_interface_namessystem predictable_interface_names |
Enables/disables predictable interface names | system predictable_interface_names value "enable" | |
| value | Enable/Disable | ||
system interfacesystem interface infosystem interface info |
system interface info | ||
system rule_enginesystem rule_engine getsystem rule_engine get |
system rule_engine get | ||
system rule_engine setsystem rule_engine set |
system rule_engine set value "iptables" | ||
| value | |||
system remotesystem remote sync statussystem remote sync status |
Transferring the status to the remote terminal | system remote sync status | |
system remote sync virus_patternsystem remote sync virus_pattern |
Transferring the virus pattern to the remote terminal | system remote sync virus_pattern | |
system remote sync ipdenysystem remote sync ipdeny |
Transferring the ipdeny list to the remote terminal | system remote sync ipdeny | |
system remote upgrade cursystem remote upgrade cur |
Transfers the installed firmware to the remote terminal | system remote upgrade cur | |
system remote upgrade newsystem remote upgrade new |
Transfers the firmware in the folder 'new' to the remote terminal | system remote upgrade new | |
system remote upgrade statussystem remote upgrade status |
Status of ongoing synchronizations | system remote upgrade status | |
system remote upgrade abortsystem remote upgrade abort |
Canceling ongoing synchronizations | system remote upgrade abort | |
system remote get newsystem remote get new |
Displays the firmware versions of the remote terminal The error message connection error appears if the remote terminal is not reachable.
|
system remote get new | |
system remote get oldsystem remote get old |
Displays the former firmware versions of the remote station | system remote get old | |
system remote get cursystem remote get cur |
system remote get cur | ||
system cloudbackupsystem cloudbackup getsystem cloudbackup get |
Listed available backups | system cloudbackup get | |
system cloudbackup storesystem cloudbackup store |
Saves a backup of the active configuration | system cloudbackup store | |
system cloudbackup setsystem cloudbackup set |
setting a password | system cloudbackup set password "geheim" | |
| password | Password for the backup | ||
system cloudbackup deletesystem cloudbackup delete |
Deletes a backup in the cloud | system cloudbackup delete id "5264f921f3819be23e000001" | |
| id | Id of a backup | ||
system cloudbackup restoresystem cloudbackup restore |
Restore a backup | system cloudbackup restore id "5264f921f3819be23e000001" ctime "1382349089" password "geheim" | |
| id | Id of a backup | ||
| ctime | |||
| password | Password for the backup | ||
system cloudbackup password status getsystem cloudbackup password status get |
Indicates whether a cloud backup password has been set. (Does not display the password) | system cloudbackup password status get | |
system toolssystem tools pingsystem tools ping |
Sends ICMP ECHO_REQUEST to Network Hosts | system tools ping host "8.8.8.8" or system tools ping family "4" source "192.168.175.1" resolve "on" count "10" host "www.securepoint.de" | |
| family | Specifies whether IPv4 ("4") or IPv6 ("6") is used | ||
| source | Source address | ||
| resolve | |||
| count | Number of performances | ||
| host | destination address | ||
system tools traceroutesystem tools traceroute |
Measures delays of network packets on their way to the target host | system tools traceroute host "8.8.8.8" or system tools traceroute family "4" source "LAN2" resolve "on" count "10" host "www.securepoint.de" | |
| family | Specifies whether IPv4 ("4") or IPv6 ("6") is used | ||
| source |
Source interface | ||
| source_addr |
Source address | ||
| resolve | |||
| count | Number of performances | ||
| host | destination address | ||
system tools routesystem tools route |
Output of the Routing Table | system tools route family "4" | |
| family | Specifies whether IPv4 ("4") or IPv6 ("6") is used | ||
system tools hostsystem tools host |
Running DNS lookups | system tools host type "A" server "8.8.8.8" host "www.securepoint.de" | |
| type | DNS Type | ||
| server | DNS Server | ||
| host | Domain | ||
system tools wakesystem tools wake |
Sends Wake-on-Lan Magic Packets to a MAC address (More information) Letters in hexadecimal numbers must be entered in uppercase |
system tools wake host 00:1A:2B:3C:4E:5F@eth1 | |
| host | MAC address of the target device in the format MAC@interface | ||
system upgradesystem upgrade finalizesystem upgrade finalize |
Finish a previous update or rollback | system upgrade finalize | |
system upgrade hintsystem upgrade hint |
Get a hint for the next upgrade action | system upgrade hint | |
system upgrade updatehintsystem upgrade updatehint |
system upgrade updatehint | ||
system upgrade infosystem upgrade info |
Lists the installed firmware versions | system upgrade info | |
system upgrade updatesystem upgrade update |
Download an update (if available) | system upgrade update | |
system upgrade forceupdatesystem upgrade forceupdate |
Loads an update and removes remnants of previous updates | system upgrade forceupdate | |
system upgrade updatelatestsystem upgrade updatelatest |
Download the latest update and remove old updates | system upgrade updatelatest | |
system upgrade updatelatestchecksystem upgrade updatelatestcheck |
Check whether the limit for update requests has been reached | system upgrade updatelatestcheck | |
system upgrade dryrunsystem upgrade dryrun |
Reboots the system into the updated firmware image | system upgrade dryrun | |
system upgrade rollbacksystem upgrade rollback |
Reboots the system to the previous firmware image | system upgrade rollback | |
system upgrade confirm/decline privacysystem upgrade confirm/decline privacy |
Accept/Reject the privacy policy | system upgrade confirm privacy or system upgrade decline privacy | |
system upgrade confirm/decline eulasystem upgrade confirm/decline eula |
Accept/Reject the license agreement | system upgrade confirm eula or system upgrade decline eula | |
system upgrade privacy/eula getsystem upgrade privacy/eula get |
Provides the privacy policy or license agreement | system upgrade privacy get version "cur" lang "de" or system upgrade eula get version "cur" lang "de" | |
| version | Version ("new", "cur", "old") | ||
| lang | Language ("de", "en") | ||
system sysctlsystem sysctl getsystem sysctl get |
Lists all sysctl variables | system sysctl get | |
system sysctl newsystem sysctl new |
Set a new sysctl variable | system sysctl new name "net.ipv4.neigh.default.gc_thresh1" value "512" | |
| name | Name of the variable | ||
| value | Value of the variable | ||
system sysctl setsystem sysctl set |
Changes the value of a sysctl variable | system sysctl set name "net.ipv4.neigh.default.gc_thresh1" value "128" | |
| name | Name of the variable | ||
| value | Value of the variable | ||
system sysctl deletesystem sysctl delete |
Deletes a sysctl variable of the Linux kernel | system sysctl delete name "net.ipv4.neigh.default.gc_thresh1" | |
| name | Name of the variable | ||
system sysctl updatesystem sysctl update |
Update the sysctl variables | system sysctl update | |
| It happens frequently that VoIP providers specify session timeout for UDP packets. This value is set to 30 seconds in the factory default setting and is therefore too little for many providers. To ensure that a change still exists after an update or a restart, a variable must be added here that contains the desired value. | |||
system activedirectorysystem activedirectory joinsystem activedirectory join |
Connects the UTM to the Active Directory | system activedirectory join password "geheim" | |
| password | Password of the Active Directory | ||
system activedirectory testjoinsystem activedirectory testjoin |
Checks the AD account of the UTM | system activedirectory testjoin | |
system activedirectory leavesystem activedirectory leave |
Release connection to Active Directory | system activedirectory leave password "geheim" | |
| password | Password of the Active Directory | ||
system activedirectory lsgroupssystem activedirectory lsgroups |
List of Active Directory groups ( Only groups to which at least one user is assigned are displayed) | system activedirectory lsgroups | |