| Fortinet Arayüz SSH,TELNET Komutları | |
| diagnose sniffer packet any “host 213.199.186.202” 4 Çıktısı Yanda
diagnose sniffer packet port1 “tcp and port 514 and host 10.1.2.2” 4 |
interfaces=[any] filters=[host 213.199.186.202] 7.034907 port2 in 10.0.0.106.1421 -> 213.199.186.202.80: syn 2279801009 7.035372 port2 out 213.199.186.202.80 -> 10.0.0.106.1421: syn 89562169 ack 2279801010 7.035379 eth0 out 213.199.186.202.80 -> 10.0.0.106.1421: syn 89562169 ack 2279801010 7.036228 port2 in 10.0.0.106.1421 -> 213.199.186.202.80: ack 89562170 7.036656 wan1 out 91.93.143.15.37637 -> 213.199.186.202.80: syn 3514595903 7.036855 port2 in 10.0.0.106.1421 -> 213.199.186.202.80: psh 2279801010 ack 89562170 7.037625 port2 out 213.199.186.202.80 -> 10.0.0.106.1421: ack 2279802384 |
|
Debug Flow
|
Dia debug flow filter Dia debug flow show consol enable Dia debug flow show function-name enable Dia debug flow trace start 1000 Dia debug enable Filter dan sonra ? ile neleri filtreleyeceğini görebilirsin. Dia debug flow trace start 1000 ise 1000 kaydı göster demek. |
| diagnose sniffer packet “wan2” ‘port 80’
diagnose sniffer packet “wan2” ‘port 110’ |
|
| diagnose sys top | Run Time: 3 days, 15 hours and 43 minutes 3U, 4S, 92I; 1009T, 636F, 205KF ipsengine 54 S < 2.3 6.4 scanunitd 18240 S < 0.9 1.3 thttp 47 S 0.7 7.4 urlfilter 55 S 0.3 2.3 miglogd 32 S 0.3 1.2 httpsd 63 S 0.0 2.0 httpsd 78 S 0.0 1.9 cmdbsvr 21 S 0.0 1.6 httpsd 33 S 0.0 1.4 newcli 14260 R 0.0 1.2 newcli 14257 S 0.0 1.2 fgfmd 5134 S 0.0 1.2 cw_acd 74 S 0.0 1.1 sslvpnd 61 S 0.0 1.1 merged_daemons 49 S 0.0 1.0 authd 58 S 0.0 1.0 fdsmgmtd 65 S 0.0 1.0 scanunitd 28064 S < 0.0 1.0 iked 62 S 0.0 1.0 |
| get sys performance status | CPU states: 10% user 1% system 0% nice 89% idle Memory states: 32% used Average network usage: 5524 kbps in 1 minute, 4357 kbps in 10 minutes, 2957 kbps in 30 minutes Average sessions: 1713 sessions in 1 minute, 1644 sessions in 10 minutes, 1639 sessions in 30 minutes Virus caught: 0 total in 1 minute IPS attacks blocked: 0 total in 1 minute Uptime: 3 days, 15 hours, 45 minutes |
| diagnose hardware deviceinfo nic port2 | diagnose hardware deviceinfo nic port10
bu komut ile nic durumumuzu görürüz diagnose hardware deviceinfo nic port2 |
| dia sys session clear | Bir kullanıcının veya tüm sessionları temizlemek için kullanılır dia sys session filter src 10.1.0.23 ile bu ip nin sessionlarını clear edersiniz |
| execute dhcp lease-clear | Fortigate Dhcp Serverdan Kullanıcı Listesi Temizlemek ici Asagidaki islemi yapmalisiniz.Bu komut ile dhcp serverdaki client listesi temizlenir kullanicilarda ip adresini yenilemek gerekecektir. |
| In order to see a tcp dump of information flowing through a fortigate, the diagnose sniffer command can be used from cli. The command syntax:
diagnose sniffer packet {interface | all} ‘net z.z.z.z/p and/or host x.x.x.x and/or port yyy’ [options] You can narrow your search by filtering on any or the following: net/prefix : print a whole netblock The Options field at the end are as follow: Option ‘4′ is particularly useful, in that it shows the associated interface for the directional traffic |
diagnose sniffer packet any ‘net 10.0.0.0/8 and host 172.16.16.14 and port 3389′
diagnose sniffer packet any ‘host 10.4.131.97 and host 172.16.16.14 and port 3389′ 4 |
| Komut listesi için ? işaretini consoleda yazarsanız yandaki ekranı alırsınız
config ? config te çalışıcak liste |
config config object get get dynamic and system information show show configuration diagnose diagnose facility execute execute static commands exit exit CLI |
