(FortiGate)飞塔防火墙过滤指定会话并清理
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了(FortiGate)飞塔防火墙过滤指定会话并清理相关的知识,希望对你有一定的参考价值。
FG600D3918701304 # diagnose sys session filter(设置过滤条件)
vd Index of virtual domain. -1 matches all.
sintf Source interface.
dintf Destination interface.
src Source IP address.
nsrc NAT'd source ip address
dst Destination IP address.
proto Protocol number.
sport Source port.
nport NAT'd source port
dport Destination port.
policy Policy ID.
expire expire
duration duration
proto-state Protocol state.
session-state1 Session state1.
session-state2 Session state2.
clear Clear session filter.
negate Inverse filter.
FG600D3918701304 # diagnose sys session filter src 10.10.10.1(设置过滤条件为源地址10.10.10.1)
FG600D3918701304 # diagnose sys session list(罗列出过滤条件匹配的会话)
session info: proto=17 proto_state=01 duration=18 expire=161 timeout=0 flags=00000000 sockflag=00000000 sockport=7900 av_idx=0 use=6
origin-shaper=
reply-shaper=
per_ip_shaper=
ha_id=0 policy_dir=0 tunnel=/ helper=dns-udp vlan_cos=0/255
state=redir log local may_dirty nlb none
statistic(bytes/packets/allow_err): org=55/1/1 reply=71/1/1 tuples=3
tx speed(Bps/kbps): 2/0 rx speed(Bps/kbps): 3/0
orgin->sink: org pre->post, reply pre->post dev=18->54/54->18 gwy=113.102.128.1/10.10.10.1
hook=post dir=org act=snat 10.10.10.1:54831->223.5.5.5:53(113.102.131.230:54831)
hook=pre dir=reply act=dnat 223.5.5.5:53->113.102.131.230:54831(10.10.10.1:54831)
hook=post dir=reply act=noop 223.5.5.5:53->10.10.10.1:54831(0.0.0.0:0)
misc=0 policy_id=47 auth_info=0 chk_client_info=0 vd=0
serial=012ee90e tos=40/40 app_list=0 app=0 url_cat=0
dd_type=0 dd_mode=0
npu_state=0x040400
no_ofld_reason: redir-to-av non-npu-intf
session info: proto=17 proto_state=01 duration=9 expire=170 timeout=0 flags=00000000 sockflag=00000000 sockport=7900 av_idx=0 use=6
origin-shaper=
reply-shaper=
per_ip_shaper=
ha_id=0 policy_dir=0 tunnel=/ helper=dns-udp vlan_cos=0/255
state=redir log local may_dirty nlb none
statistic(bytes/packets/allow_err): org=71/1/1 reply=148/1/1 tuples=3
tx speed(Bps/kbps): 7/0 rx speed(Bps/kbps): 15/0
orgin->sink: org pre->post, reply pre->post dev=18->54/54->18 gwy=113.102.128.1/10.10.10.1
hook=post dir=org act=snat 10.10.10.1:56119->223.5.5.5:53(113.102.131.230:56119)
hook=pre dir=reply act=dnat 223.5.5.5:53->113.102.131.230:56119(10.10.10.1:56119)
hook=post dir=reply act=noop 223.5.5.5:53->10.10.10.1:56119(0.0.0.0:0)
misc=0 policy_id=47 auth_info=0 chk_client_info=0 vd=0
serial=012eedd7 tos=40/40 app_list=0 app=0 url_cat=0
dd_type=0 dd_mode=0
npu_state=0x040400
no_ofld_reason: redir-to-av non-npu-intf
......
FG600D3918701304 # diagnose sys session clear(将过滤条件匹配的所有会话清除)
FG600D3918701304 # diagnose sys session list(再次查看过滤条件匹配的所有会话)
total session 0(会话为 0)
FG600D3918701304 # diagnose sys session filter clear(清除设置好的过滤条件)
以上是关于(FortiGate)飞塔防火墙过滤指定会话并清理的主要内容,如果未能解决你的问题,请参考以下文章
SNMP篇(7.0) 03. PRTG监控FortiGate状态(上) ❀ 飞塔 (Fortinet) 防火墙