(FortiGate) Fortinet firewall: filter specific sessions and clear them



FG600D3918701304 # diagnose sys  session filter    (show the available filter conditions)
vd                Index of virtual domain. -1 matches all.
sintf             Source interface.
dintf             Destination interface.
src               Source IP address.
nsrc              NAT'd source ip address
dst               Destination IP address.
proto             Protocol number.
sport             Source port.
nport             NAT'd source port
dport             Destination port.
policy            Policy ID.
expire            expire
duration          duration
proto-state       Protocol state.
session-state1    Session state1.
session-state2    Session state2.
clear             Clear session filter.
negate            Inverse filter.


FG600D3918701304 # diagnose sys  session filter src 10.10.10.1    (set the filter to source address 10.10.10.1)

FG600D3918701304 # diagnose sys session list    (list the sessions that match the filter)

session info: proto=17 proto_state=01 duration=18 expire=161 timeout=0 flags=00000000 sockflag=00000000 sockport=7900 av_idx=0 use=6
origin-shaper=
reply-shaper=
per_ip_shaper=
ha_id=0 policy_dir=0 tunnel=/ helper=dns-udp vlan_cos=0/255
state=redir log local may_dirty nlb none
statistic(bytes/packets/allow_err): org=55/1/1 reply=71/1/1 tuples=3
tx speed(Bps/kbps): 2/0 rx speed(Bps/kbps): 3/0
orgin->sink: org pre->post, reply pre->post dev=18->54/54->18 gwy=113.102.128.1/10.10.10.1
hook=post dir=org act=snat 10.10.10.1:54831->223.5.5.5:53(113.102.131.230:54831)
hook=pre dir=reply act=dnat 223.5.5.5:53->113.102.131.230:54831(10.10.10.1:54831)
hook=post dir=reply act=noop 223.5.5.5:53->10.10.10.1:54831(0.0.0.0:0)
misc=0 policy_id=47 auth_info=0 chk_client_info=0 vd=0
serial=012ee90e tos=40/40 app_list=0 app=0 url_cat=0
dd_type=0 dd_mode=0
npu_state=0x040400
no_ofld_reason:  redir-to-av non-npu-intf

session info: proto=17 proto_state=01 duration=9 expire=170 timeout=0 flags=00000000 sockflag=00000000 sockport=7900 av_idx=0 use=6
origin-shaper=
reply-shaper=
per_ip_shaper=
ha_id=0 policy_dir=0 tunnel=/ helper=dns-udp vlan_cos=0/255
state=redir log local may_dirty nlb none
statistic(bytes/packets/allow_err): org=71/1/1 reply=148/1/1 tuples=3
tx speed(Bps/kbps): 7/0 rx speed(Bps/kbps): 15/0
orgin->sink: org pre->post, reply pre->post dev=18->54/54->18 gwy=113.102.128.1/10.10.10.1
hook=post dir=org act=snat 10.10.10.1:56119->223.5.5.5:53(113.102.131.230:56119)
hook=pre dir=reply act=dnat 223.5.5.5:53->113.102.131.230:56119(10.10.10.1:56119)
hook=post dir=reply act=noop 223.5.5.5:53->10.10.10.1:56119(0.0.0.0:0)
misc=0 policy_id=47 auth_info=0 chk_client_info=0 vd=0
serial=012eedd7 tos=40/40 app_list=0 app=0 url_cat=0
dd_type=0 dd_mode=0
npu_state=0x040400
no_ofld_reason:  redir-to-av non-npu-intf

......


FG600D3918701304 # diagnose sys session clear    (clear every session that matches the filter)

FG600D3918701304 # diagnose sys session list    (list the sessions matching the filter again)
total session 0    (the count is now 0)

FG600D3918701304 # diagnose sys session filter clear    (remove the filter that was set)
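As an added example that is not part of the original post, the following Python parser turns a captured `diagnose sys session list` listing into one record per session, so the original source, destination, SNAT address, policy ID and serial can be reviewed before anything is cleared; the sample text is constructed from the two session blocks shown above.

```python
import re
# Constructed sample built from the two session blocks shown above; the second
# block keeps only the lines this parser reads (real output has all of them).
SAMPLE_OUTPUT = """\
session info: proto=17 proto_state=01 duration=18 expire=161 timeout=0 flags=00000000 sockflag=00000000 sockport=7900 av_idx=0 use=6
ha_id=0 policy_dir=0 tunnel=/ helper=dns-udp vlan_cos=0/255
hook=post dir=org act=snat 10.10.10.1:54831->223.5.5.5:53(113.102.131.230:54831)
hook=post dir=reply act=noop 223.5.5.5:53->10.10.10.1:54831(0.0.0.0:0)
misc=0 policy_id=47 auth_info=0 chk_client_info=0 vd=0
serial=012ee90e tos=40/40 app_list=0 app=0 url_cat=0
session info: proto=17 proto_state=01 duration=9 expire=170 timeout=0
hook=post dir=org act=snat 10.10.10.1:56119->223.5.5.5:53(113.102.131.230:56119)
misc=0 policy_id=47 auth_info=0 chk_client_info=0 vd=0
serial=012eedd7 tos=40/40 app_list=0 app=0 url_cat=0
total session 2
"""

KV_RE = re.compile(r"(\w+)=(\S+)")
HOOK_RE = re.compile(r"hook=(\w+) dir=(\w+) act=(\w+) (\S+?)->(\S+?)\((\S+?)\)")
INT_KEYS = ("proto", "duration", "expire", "policy_id", "vd")

def parse_session_list(text):
    """One dict per 'session info:' block; lines the parser does not know are skipped."""
    sessions, cur = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("session info:"):
            cur = {"src": "", "dst": "", "nat_src": ""}
            sessions.append(cur)
        if cur is None:
            continue
        m = HOOK_RE.match(line)
        if m:  # the post/org hook line carries the original 5-tuple and any SNAT address
            hook, dirn, act, src, dst, nat = m.groups()
            if hook == "post" and dirn == "org":
                cur.update(src=src, dst=dst, nat_src=nat if act == "snat" else "")
            continue
        for key, val in KV_RE.findall(line):
            if key in INT_KEYS:
                cur[key] = int(val)
            elif key == "serial":
                cur[key] = val
    return sessions

def total_sessions(text):
    """Value of the trailing 'total session N' line (None if the line is absent)."""
    m = re.search(r"^total session (\d+)$", text, re.M)
    return int(m.group(1)) if m else None

def sessions_from(sessions, ip):
    """Sessions whose original (pre-NAT) source address is `ip`, like `filter src`."""
    return [s for s in sessions if s["src"].rsplit(":", 1)[0] == ip]
```

Set a filter before running `diagnose sys session clear`: with no filter in place that command flushes every session on the unit, not just the ones you meant to drop.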
