The PhoneBoy Blog


Simplifying Telecom, Mobile Phones, Gadgets, and More!

FireWall-1 FAQ: Redirecting Log Files To Another Drive

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.


I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.


If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)


FireWall-1 Versions 3.0b-4.0 support modifying (or adding) the following registry entry (It is of type String):

HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\FWLOGDIR

Specify the full path name to the log directory here. In 4.1, create the following registry entry:

HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\4.1\FWLOGDIR

In NG, create the following registry entry:

HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\FW1\5.0\FWLOGDIR

Note: this directory must exist. You will need to restart the FireWall-1 service for this to take effect.

On Unix machines, you can symbolically link the $FWDIR/log directory to another drive. For example:

fwstop 
mv $FWDIR/log $FWDIR/log.old 
ln -s /path/to/new/logdir $FWDIR/log 
fwstart

C-List #Cybersecurity Celebrity, Podcaster, #noagenda Producer, Frequenter of shiny metal tubes, Expressor of personal opinions, and of course, a coffee achiever.