Use GuiDBEdit for editing.
But it isn't necessarily. You need to edit "reject_x11_in_any" only if you want to allow X11 through Any services. If you explicitly add rule for service X11, it should work.
"X11
X11 connections are not allowed through service 'Any'. All services of type 'Other' and X11 (which is a very special case) require a specific rule, since these services run specific INSPECT code, and are not just 'Accepted'. In order to allow X11 connections, either add a rule that explicitly allows X11 connections, or use Check Point's Database Tool (GUIDbEdit) to set the value of the attribute reject_x11_in_any to 'false'."
http://secureknowledge.checkpoint.co....do?id=sk27124 http://secureknowledge.checkpoint.co....do?id=sk24600