Monitoring commands:
show
- Show global or vdom config
sh system interface
- Equivalent to show run interface
diagnose hardware deviceinfo nic
- Equivalent to show interface
get system status
- Show version information
sh firewall policy 6
- Show firewall rule number 6
sh router policy
- Show Policy Routing rules
diagnose system session list
- Show the existing translations
diagnose system session clear
- Clears all xlate/translations
diagnose ip arp list
- Shows the arp table of connected hosts
get router info routing-table all
- Equivalent to ‘show ip route’
diagnose system top
- Show System Processes running with PIDs
diagnose system kill 9 <id>
- Kill the specific PID
diag test auth ldap <server_name> <username> <password>
- LDAP test query from the FortiGate to the AD
To see a tcpdump-style capture of the traffic flowing through a FortiGate, use the diagnose sniffer command from the CLI. The command syntax:
diagnose sniffer packet {interface | any} 'net z.z.z.z/p and/or host x.x.x.x and/or port yyy' [options]
You can narrow your search by filtering on any of the following:
net/prefix : print a whole netblock
host : print only one host
port : print only a specific port number
and/or : allows additional options
The options at the end are as follows:
1: print header of packets
2: print header and data from ip of packets
3: print header and data from ethernet of packets (if available)
4: print header of packets with interface name
5: print header and data from ip of packets with interface name
6: print header and data from ethernet of packets (if available) with intf name
Option ‘4’ is particularly useful because it shows the associated interface for the directional traffic.
Examples:
diagnose sniffer packet any 'net 10.0.0.0/8 and host 172.16.16.14 and port 3389'