FortiGate notes
2012-05-26 13:49
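conf_file_ver=2873081117195307246: a serial number like this is generated on every backup; it does not affect use.
This local certificate changes every time. Is that normal? Why is the certificate different each time? Is it derived from some parameter of the device, or is it random? Why are the other certificates not like this?
This is normal. The program code does this deliberately, and only the private-key part of the certificate is processed.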
![](http://blog.51cto.com/attachment/201205/133557463.jpg)
diagnose debug enable
diagnose debug console timestamp enable
diagnose debug flow filter
diagnose debug flow show console enable
diagnose debug flow trace start xxxx  (xxxx = how many matching packets to output)
diagnose debug flow show function-name enable
Five-tuple: source address, destination address, source port, destination port, interface.
$ 2012-05-25 13:50:50 id=20085 trace_id=90 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.4.3:8) from OUT."
2012-05-25 13:50:50 id=20085 trace_id=90 msg="allocate a new session-19efae23"
2012-05-25 13:50:50 id=20085 trace_id=90 msg="find a route: gw-195.0.4.3 via BMWZ"
2012-05-25 13:50:50 id=20085 trace_id=90 msg="Allowed by Policy-20:"
2012-05-25 13:50:51 id=20085 trace_id=91 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.4.3:8) from OUT."
2012-05-25 13:50:51 id=20085 trace_id=91 msg="Find an existing session, id-19efae23, original direction"
2012-05-25 13:50:52 id=20085 trace_id=92 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.4.3:8) from OUT."
2012-05-25 13:50:52 id=20085 trace_id=92 msg="Find an existing session, id-19efae23, original direction"
2012-05-25 13:50:53 id=20085 trace_id=93 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.4.3:8) from OUT."
2012-05-25 13:50:53 id=20085 trace_id=93 msg="Find an existing session, id-19efae23, original direction"
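Session synchronization is automatic (when session synchronization is ticked in the configuration). After the standby firewall restarts, it synchronizes sessions, picking up the primary firewall's current TCP sessions and those created afterwards. TCP sessions are synchronized; UDP, ICMP, multicast and broadcast are not.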
diag debug app hatalk -1
diag sys ha dump 1
The output of the diag debug enable command can be displayed in the telnet management session.
$ 2012-05-25 13:54:33 id=20085 trace_id=94 func=resolve_ip_tuple_fast line=2700 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.2.10:8) from OUT."
2012-05-25 13:54:33 id=20085 trace_id=94 func=resolve_ip_tuple line=2799 msg="allocate a new session-19efb092"
2012-05-25 13:54:33 id=20085 trace_id=94 func=vf_ip4_route_input line=1543 msg="find a route: gw-195.0.2.10 via CWJZ"
2012-05-25 13:54:33 id=20085 trace_id=94 func=fw_forward_handler line=317 msg="Allowed by Policy-5:"
2012-05-25 13:54:34 id=20085 trace_id=95 func=resolve_ip_tuple_fast line=2700 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.2.10:8) from OUT."
2012-05-25 13:54:34 id=20085 trace_id=95 func=resolve_ip_tuple_fast line=2727 msg="Find an existing session, id-19efb092, original direction"
2012-05-25 13:54:35 id=20085 trace_id=96 func=resolve_ip_tuple_fast line=2700 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.2.10:8) from OUT."
2012-05-25 13:54:35 id=20085 trace_id=96 func=resolve_ip_tuple_fast line=2727 msg="Find an existing session, id-19efb092, original direction"
2012-05-25 13:54:36 id=20085 trace_id=97 func=resolve_ip_tuple_fast line=2700 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.2.10:8) from OUT."
2012-05-25 13:54:36 id=20085 trace_id=97 func=resolve_ip_tuple_fast line=2727 msg="Find an existing session, id-19efb092, original direction"
FG200A2104450177 (global) # get sys ha status
Model: 200
Mode: a-p
Group: 35
Debug: 0
ses_pickup: disable
Master:200 FG200A2104450177 FG200A2104450177 1
Slave :100 FG200A2104450399 FG200A2104450399 0
number of vcluster: 2
vcluster 1: work 169.254.0.2
Master:0 FG200A2104450177
Slave :1 FG200A2104450399
vcluster 2: standby 169.254.0.1
Slave :1 FG200A2104450177
Master:0 FG200A2104450399
FGT8002604400020 # id=36870 trace_id=71 func=resolve_ip_tuple_fast line=3427 msg="vd-root received a packet(proto=17,
2.168.118.34:138->192.168.118.255:138) from internal."  (the VDOM being examined is vd-root)
id=36870 trace_id=71 func=resolve_ip_tuple line=3559 msg="allocate a new session-0000a07c"  (a session is created)
id=36870 trace_id=71 func=vf_ip4_route_input line=1585 msg="find a route: gw-192.168.118.255 via root"  (destination route lookup)
id=36870 trace_id=71 func=fw_local_in_handler line=237 msg="iprope_in_check() check failed, drop"  (firewall policy check; the packet is dropped here, i.e. denied)
FGT50B3G07516763 # diagnose debug flow show console enable
show trace messages on console
FGT50B3G07516763 # diagnose debug flow show function-name enable
show function name
FGT50B3G07516763 # diagnose debug flow filter addr 192.168.3.189
FGT50B3G07516763 #
FGT50B3G07516763 #
FGT50B3G07516763 # diagnose debug flow trace start 20
FGT50B3G07516763 # diagnose debug enable
FGT50B3G07516763 # id=36871 trace_id=1 func=resolve_ip_tuple_fast line=3757 msg="vd-root received a packet(proto=1, 192.168.3.189:1->192.168.1.254:8) from internal."
id=36871 trace_id=1 func=resolve_ip_tuple line=3889 msg="allocate a new session-0037907a"
id=36871 trace_id=1 func=ip_route_input_slow line=1268 msg="reverse path check fail, drop"  (source route check failed)
id=36871 trace_id=2 func=resolve_ip_tuple_fast line=3757 msg="vd-root received a packet(proto=1, 192.168.3.189:1->192.168.1.254:8) from internal."
id=36871 trace_id=2 func=resolve_ip_tuple line=3889 msg="allocate a new session-0037907b"
id=36871 trace_id=2 func=ip_route_input_slow line=1268 msg="reverse path check fail, drop"
id=36871 trace_id=3 func=resolve_ip_tuple_fast line=3757 msg="vd-root received a packet(proto=1, 192.168.3.189:1->192.168.1.254:8) from internal."
id=36871 trace_id=3 func=resolve_ip_tuple line=3889 msg="allocate a new session-0037907c"
id=36871 trace_id=3 func=ip_route_input_slow line=1268 msg="reverse path check fail, drop"
id=36871 trace_id=4 func=resolve_ip_tuple_fast line=3757 msg="vd-root received a packet(proto=1, 192.168.3.189:1->192.168.1.254:8) from internal."
id=36871 trace_id=4 func=resolve_ip_tuple line=3889 msg="allocate a new session-0037907d"
id=36871 trace_id=4 func=ip_route_input_slow line=1268 msg="reverse path check fail, drop"
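The traces above can be reduced to one verdict per traced packet by grouping lines on trace_id. The following is an added example, not part of the original post or of any Fortinet tool; the function name `summarize` and the verdict labels are assumptions, and the sample lines are copied from the traces on this page.

```python
import re

# Sample lines copied from the debug flow traces shown on this page.
SAMPLE = '''
2012-05-25 13:54:33 id=20085 trace_id=94 func=resolve_ip_tuple_fast line=2700 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.2.10:8) from OUT."
2012-05-25 13:54:33 id=20085 trace_id=94 func=resolve_ip_tuple line=2799 msg="allocate a new session-19efb092"
2012-05-25 13:54:33 id=20085 trace_id=94 func=vf_ip4_route_input line=1543 msg="find a route: gw-195.0.2.10 via CWJZ"
2012-05-25 13:54:33 id=20085 trace_id=94 func=fw_forward_handler line=317 msg="Allowed by Policy-5:"
2012-05-25 13:54:34 id=20085 trace_id=95 func=resolve_ip_tuple_fast line=2700 msg="vd-root received a packet(proto=1, 199.0.13.120:512->195.0.2.10:8) from OUT."
2012-05-25 13:54:34 id=20085 trace_id=95 func=resolve_ip_tuple_fast line=2727 msg="Find an existing session, id-19efb092, original direction"
FGT50B3G07516763 # id=36871 trace_id=1 func=resolve_ip_tuple_fast line=3757 msg="vd-root received a packet(proto=1, 192.168.3.189:1->192.168.1.254:8) from internal."
id=36871 trace_id=1 func=ip_route_input_slow line=1268 msg="reverse path check fail, drop"
id=36870 trace_id=71 func=vf_ip4_route_input line=1585 msg="find a route: gw-192.168.118.255 via root"
id=36870 trace_id=71 func=fw_local_in_handler line=237 msg="iprope_in_check() check failed, drop"
'''

# func= and line= are optional: they appear only when function-name display is enabled.
LINE_RE = re.compile(r'trace_id=(\d+)(?: func=(\S+))?(?: line=\d+)? msg="([^"]*)"')
PKT_RE = re.compile(r'(\S+) received a packet\(proto=(\d+), (\S+?)->(\S+?)\) from (\S+?)\.')
ALLOW, SESSION, DROP = "Allowed by Policy-", "Find an existing session", ", drop"

def summarize(text):
    """Group debug flow lines by trace_id and derive one verdict per packet."""
    traces = {}
    for m in LINE_RE.finditer(text):
        tid, func, msg = int(m.group(1)), m.group(2), m.group(3)
        t = traces.setdefault(tid, {"verdict": "unknown", "reason": None})
        pkt = PKT_RE.search(msg)
        if pkt:  # first line of a trace: VDOM, protocol, endpoints, ingress interface
            t.update(vdom=pkt.group(1), proto=int(pkt.group(2)),
                     src=pkt.group(3), dst=pkt.group(4), iface=pkt.group(5))
        elif msg.startswith(ALLOW):
            t.update(verdict="allow", reason="policy " + msg[len(ALLOW):].rstrip(":"))
        elif msg.startswith(SESSION):
            sid = msg.split("id-")[1].split(",")[0]
            t.update(verdict="existing-session", reason="session " + sid)
        elif msg.endswith(DROP):  # keep the function name: it tells which check dropped it
            where = f" [{func}]" if func else ""
            t.update(verdict="drop", reason=msg[:-len(DROP)] + where)
    return traces

if __name__ == "__main__":
    for tid, t in summarize(SAMPLE).items():
        print(tid, t["verdict"], t["reason"], t.get("src"), "->", t.get("dst"))
```
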