debug flow basic
(2017-02-13)
| Step | command | |
|---|---|---|
| 1 | set console dbuf | Set debugs to be redirected to the debug buffer. It is too CPU intensive to send to the console. The command 'get console' should report 'debug:buffer'. |
| 2 | undebug all | Turn off any debugs, just to be safe. |
| 3 | set db size 4096 | (Optional) Increase the debug buffer. The debug buffer is circular. If you need to capture a lot of data, set the debug buffer to the maximum size of 4096 (4 MB). Use the command 'get db info' to see the current size of the debug buffer in KB. Note: You could alternatively send debug output to a USB drive, which would allow you to have a > 4 MB dbuf buffer. See KB12277 for further details. |
| 4 | get ffilter | Display any configured flow filters (ffilter). No filters are expected to be set at this time. If you see flow filters listed that are not applicable to your debug test, you can delete them with the command 'unset ffilter'. |
| 5 | set ffilter src-ip x.x.x.x dst-ip y.y.y.y set ffilter src-ip y.y.y.y dst-ip x.x.x.x | Set flow filters (ffilter) to observe specific packets flowing in each direction, and where any possible problems may be. Basically, you want to define the end points of communication to limit what is captured in the debug buffer. For more information on flow filters, refer to KB6709 - Understanding debug ffilters. |
| 6 | clear db | Clear the debug buffer. |
| 7 | debug flow basic | Start the debug, specifically the 'flow' debug. |
| 8 | Initiate the traffic that you are interested in capturing. | |
| 9 | undebug all | Turn debugs off and stop writing to the circular debug buffer. Run this command as soon as Step 8 is finished to avoid overwriting what was captured in the debug buffer. Note: You can also press the ESC key to stop debug and snoop, with a single keystroke. |
| 10 | get db stream | Display what was captured in the debug buffer. You can also enter 'get db stream > tftp <ipaddr> <filename>' to redirect the debug buffer to a file. |
| 11 | unset ffilter | Remove the flow filters. Enter this command twice (once for each filter step in step 5). Use the command 'get ffilter' to see if the filters are removed. |
| 12 | unset db size | Set the debug buffer size back to the default buffer size. Use the command 'get db info' to see the current size of the debug buffer in KB. |
no comments |
post comment
Virtual Dave Megaplex:
Home Page- This wiki's start page
- Send Feedback To Dave
Logged in Users: (1)
Recently Changed
Check Internet Service Database Match- Device-Local Certificate Expired
- CLI Policy Lookup
- DH Selection For IPsec VPNs
- Scan For Newly Added Disk
- nmap
- Seconds Since Epoch to Local Time
- Link Monitor
- DH group to OAKLEY_GROUP table
- Fire Eater
- start
- FortiClient Error Codes
- dhparams Generation
- SSL Certificate Bundles
- ufw
- Grow A LVM Partition
- Creating Users
- whoami
- list databases
- 2023
- 2022
- 2019
- 2018
- 2017
- 2011
- 2010
- 2008
- 2001
- 2000
- 1999
Editing: snipsnap-help, Image Macro(Et auditum est, et idcirco ego nunc simulare)
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.