1. Home
  2. Networking
  3. Check Point FireWall

Chapter 14. INSPECT

INSPECT is a feature in Check Point FireWall-1 that is poorly documented but can be very useful if people become familiar with it. Certain people within Check Point claim INSPECT is poorly documented because the language itself has not stabilized. I've also heard from various sources that the next version of FireWall-1 will have better INSPECT documentation. However, none of these facts have changed in quite some time. In fact, almost all information about the INSPECT language has been removed from the FireWall-1 documentation.

This chapter offers a brief introduction to how INSPECT works. The information should be useful to those who are looking for a more detailed understanding of how FireWall-1 works and to those who want to permit more-advanced services through FireWall-1. This chapter is not meant to cover the INSPECT language comprehensively. However, several examples of INSPECT code are included.

By the end of this chapter, you should be able to:

  • Understand what INSPECT is

  • Determine what you can and cannot do with INSPECT

  • Understand how FireWall-1 converts your rulebase into INSPECT

  • Write your own INSPECT code



    		Frequently Asked Questions
    		Preface
    		Chapter 1. Introduction to Firewalls
    		Chapter 2. Planning Your FireWall-1 Installation
    		Chapter 3. Installing FireWall-1
    		Chapter 4. Building Your Rulebase
    		Chapter 5. Logging and Alerting
    		Chapter 6. Common Issues
    		Chapter 7. Remote Management
    		Chapter 8. User Authentication
    		Chapter 9. Content Security
    		Chapter 10. Network Address Translation
    		Chapter 11. Site-to-Site VPN
    		Chapter 12. SecuRemote and SecureClient
    		Chapter 13. High Availability
    		Chapter 14. INSPECT
    		What Is INSPECT?
    		Basic INSPECT Syntax
    		How Your Rulebase Is Converted to INSPECT
    		Sample INSPECT Code
    		Summary
    		Appendix A. Securing Your Bastion Host
    		Appendix B. Sample Acceptable Usage Policy
    		Appendix C. 'firewall-1.conf' File for Use with OpenLDAP v1
    		Appendix D. 'firewall-1.schema' File for Use with OpenLDAP v2
    		Appendix E. Performance Tuning
    		Appendix F. Sample 'defaultfilter.pf' File
    		Appendix G. Other Resources
    		Appendix H. Further Reading