
FortiGate related commands

Posted by Paladin  Views: 203  oTher


Viewing the system

- get sys status  # view system status
- get hardware status  # view hardware configuration
- get system performance status  # view performance (how high CPU usage is)
- diagnose sys top 1  # show usage per process (why CPU usage is high)
- diagnose sys top-summary  # show overall usage
- get sys arp  # view the ARP table
- get system session list  # view the session table
- get router info routing-table all  # view the routing table
- get router info routing-table all  # view routing status
- get router info routing all  # view the routing table
- get system status  # view HA status
- exec clear system arp table  # clear the ARP table
- exec ping / traceroute / ssh / telnet  # run common commands
- show full-configuration system interface  # view interface configuration
- show firewall policy  # view firewall policies
- show system settings  # view firewall settings
- diagnose sys top-sum  # query system processes
- get hardware nic <port>  # view physical interface information
- get system interface transceiver  # SFP/SFP+ received signal strength
- diagnose ip arp list  # ARP table
- execute ping-options  # network-layer troubleshooting
    data-size Integer value to specify datagram size in bytes.
    df-bit Set DF bit in IP header <yes | no>.
    interval Integer value to specify seconds between two pings.
    repeat-count Integer value to specify how many times to repeat PING.
    source Auto | <source interface IP>.
    timeout Integer value to specify timeout in seconds.
    tos IP type-of-service option.
    ttl Integer value to specify time-to-live.
- execute ping {<ipv4_address> | <host_fqdn>}
- execute traceroute {<ipv4_address> | <host_fqdn>}
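- diagnose hardware test suite all  # FortiOS hardware test command
- diagnose debug crashlog read  # read the crash log for debugging; a process that was shut down is recorded as killed, and some of these entries are normal (for example, scanunit being stopped to update the signature database); conserve mode events are also recorded.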

Process states

Normal
• S: Sleeping
• R: Running
• D: Do not Disturb; waiting for an operation to finish, such as disk I/O
Abnormal
• Z: Zombie

Failover to the standby unit

- diagnose sys ha reset-uptime  # fail over to the standby unit

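Settings

- config alertemail setting  # configure alert email sending
- config system global  # global configuration
- set gui-firmware-upgrade-warning disable  # disable the prompt shown after logging in to the firewall when the firmware has not been upgraded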

Packet capture

diagnose sniffer packet any "host 192.168.67.13 and port 69" 4 0 1  # example
diag sni pac any 'host x.x.x.x' 4  # argument 4 shows the interface name and the direction (in/out); Ctrl+C stops the capture
diag sni pac any 'host x.x.x.x and icmp' 4  # capture ICMP traffic
diag sni pac any 'host x.x.x.x and esp' 4 4  # capture ESP traffic
diag sni pac any 'host x.x.x.x and host y.y.y.y and icmp' 4  # capture ICMP traffic between two interfaces
diag sni pac any 'host x.x.x.x and port 8080' 4  # capture traffic on port 8080

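Sessions:

- diag sys session filter policy 19  # set a filter
- diag sys session list  # list sessions
- diag sys session filter policy 41  # set a filter before clearing sessions
- diagnose sys session filter  # session table filter
- diag sys session clear  # clear sessions matching the current filter (with no filter set, all sessions are cleared)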

Link-Monitor

config system link-monitor  // link health check
    edit "YiDong"
        set srcintf "wan1"
        set server "221.179.79.49" "223.5.5.5"
        set source-ip 221.179.79.50
    next
    edit "DianXin"
        set srcintf "wan2"
        set server "61.142.64.1" "223.5.5.5"
        set source-ip 61.142.64.2
    next
end

Debug Flow shows, step by step, how the CPU processes a packet; if the packet is dropped, the reason is shown.

- diagnose debug flow show console enable  # enable console output
- diagnose debug flow filter <filter>  # specify the filter
- diagnose debug enable  # enable debug output
- diag debug flow trace start [number_of_packets]  # start the trace
- diagnose debug flow trace stop  # stop the trace

Forti