Check Point Troubleshooting Tools
1. tcpdump: typically used to capture the packets exchanged through a network interface
[Expert@BJ-OFFICE-GW:0]# tcpdump -nni any host 10.158.1.100 -w /var/log/tcpdump20190821.cap
tcpdump: WARNING: Promiscuous mode not supported on the "any" device
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
2. fw monitor: typically used to follow a packet exchange through Check Point's virtual connections; the most commonly used tool
fw monitor -e "host (x.x.x.x) or host(y.y.y.y), accept;" -o /var/log/20190821.cap
[Expert@BJ-OFFICE-GW:0]# fw monitor -e "host (10.158.1.100) , accept;" -o /var/log/2019082102.cap
monitor: getting filter (from command line)
monitor: compiling
monitorfilter:
Compiled OK.
monitor: loading
monitor: monitoring (control-C to stop)
933 monitor: caught sig 2
monitor: unloading
3. fw ctl zdebug tool
# fw ctl zdebug + drop | grep 10.158.1.100> /var/log/2019082203.txt
[Expert@BJ-OFFICE-GW:0]# fw ctl zdebug + drop | grep 10.158.1.100> /var/log/2019082203.txt
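An added example (not from the original post): a bash function that summarises saved `fw ctl zdebug + drop` output by source, destination and drop reason. It matches the host exactly, whereas the substring match of `grep 10.158.1.100` also hits 210.158.1.100. The sample lines are constructed, and the assumed line layout (`Packet proto=N src:port -> dst:port dropped by FUNC Reason: TEXT;`, IPv4 only) can differ between versions.

```shell
#!/bin/bash
# summarize_drops HOST
# Reads drop-debug lines on stdin and prints "count<TAB>src -> dst | reason",
# most frequent first, for drops where HOST is exactly the source or destination.
summarize_drops() {
    awk -v host="$1" '
    / dropped by / {
        src = ""; dst = ""
        # The addresses sit on either side of the "->" token.
        for (i = 2; i < NF; i++)
            if ($i == "->") { src = $(i - 1); dst = $(i + 1) }
        # Strip the ":port" suffix (absent for protocols without ports).
        sub(/:[0-9]+$/, "", src); sub(/:[0-9]+$/, "", dst)
        # Exact comparison: no regex dots, no substring hits.
        if (src != host && dst != host) next
        reason = "unknown"
        if (match($0, /Reason: [^;]*/))
            reason = substr($0, RSTART + 8, RLENGTH - 8)
        count[src " -> " dst " | " reason]++
    }
    END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' | sort -rn
}

# Constructed sample input (not captured from a real gateway).
sample_zdebug_output() {
    cat <<'EOF'
;[cpu_2];[fw4_1];fw_log_drop_ex: Packet proto=6 10.158.1.100:51514 -> 172.16.20.5:443 dropped by fw_handle_first_packet Reason: Rulebase drop - rule 12;
;[cpu_2];[fw4_1];fw_log_drop_ex: Packet proto=6 10.158.1.100:51515 -> 172.16.20.5:443 dropped by fw_handle_first_packet Reason: Rulebase drop - rule 12;
;[cpu_0];[fw4_0];fw_log_drop_ex: Packet proto=6 192.168.7.9:443 -> 10.158.1.100:40000 dropped by fw_first_packet_state_checks Reason: First packet isn't SYN;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=6 210.158.1.100:33000 -> 172.16.20.5:22 dropped by fw_handle_first_packet Reason: Rulebase drop - rule 12;
EOF
}

# Demo run on the constructed sample.
sample_zdebug_output | summarize_drops 10.158.1.100
```

On the gateway, feed it the saved file rather than the live stream (the summary is printed only at end of input): `summarize_drops 10.158.1.100 < /var/log/2019082203.txt`.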