
FORTIGATE COMMANDS - SOURCE: OPENED TICKETS

get system status

diag sys flash list

diag deb config-error-log read

get system startup-error-log

get hardware status

get sys performance status

diag sys top 5 20 ---> type SHIFT+P (5 times) to sort by CPU -> Then press 'q' to stop it.

diag sys top 2 50 ---> type SHIFT+M (5 times) to sort by mem -> Then press 'q' to stop it.

diag sys top-summary 30 ---> (let it run for 15 sec)

diag sys top-summary '-s mem -i 10 -n 30' ---> (let it run for 20 sec)

diag hardware sysinfo memory

diag hardware sysinfo shm

diag hardware sysinfo slab

diag hardware sysinfo conserve

diag hard sysinfo interrupts

diagnose firewall iprope state

get hardware memory

diag deb crashlog interval 0


diag debug crashlog read

diag sys logdisk usage

diag autoupdate status

diag autoupdate version

diag autoupdate versions | grep "IPS Attack" -A 6

get sys performance firewall statistics

diag sys session full-stat

diagnose sys tcpsock

diagnose test update info

sh full firewall policy 42

sh full application list APP_TI

sh full webfilter profile <ProfileName-WF>


#diag debug disable

#diag debug reset

#diag debug application sslvpn -1

#diag debug enable

Make the connections and, as soon as one fails, stop the debug:

#diag debug disable

diag sys session filter dport 3389

diag sys session filter dst XXXX

diag sys session list

SSH:

diag debug flow trace stop

diag debug disable

diag debug reset

diagnose debug console timestamp enable

diag debug flow filter addr IP_OF_THE_SERVER

diag debug flow filter port 3389

diag debug flow show function-name enable


diag debug flow trace start 400

diag debug enable

#diagnose debug disable

#diagnose debug flow trace stop

#diagnose debug flow filter clear

#diagnose debug reset

#diagnose debug flow filter addr x.x.x.x <- VPN IP OF THE TEST MACHINE

#diagnose debug flow show function-name enable

#diagnose debug console timestamp enable

#diagnose debug flow trace start 999

#diagnose debug enable

Please kindly send the output of the following commands:

*Fortianalyzer:

#get sys status

#diag dvm supported-platforms list


#diag debug app oftpd 8 172.25.0.2

#diag debug ena

-Wait 1 minute

#diag debug dis

*Fortiweb

#get sys status

# diagnose debug application miglogd 7

# diagnose debug application logd 7

# diagnose debug timestamp enable

# diagnose debug enable

*Wait 1 minute

# diagnose debug disable

# diag sys top 1 <--- look for the ID of logd

# kill -11 <PID>

# kill -9 <PID>

Then validate the connection with the Fortianalyzer again, saving the output of:

#diag debug app oftpd 8 172.25.0.2

#diag debug ena

-Wait 1 minute

#diag debug dis

diagnose debug reset

diagnose debug flow filter clear

diagnose debug flow filter saddr <x.x.x.x> --> Source IP

diagnose debug flow filter daddr <x.x.x.x> --> Destination IP

diagnose debug flow show iprope enable

diagnose debug flow show function-name enable

diagnose debug flow trace start 20000

diagnose debug enable
