Thursday, April 12, 2018

fun commands

commands

View connections sorted by rule.
[Expert@myvpn-fwb:0]#
fw tab -u -t connections -f | awk -F ';' '{print $16,"\t", $8,"\t", $10,"\t",  $11,"\t", $12}' |grep Rule | sort -ng



Interface Status of phisical interfaces (speed,duplex,driver type) in one line:
[Expert@myvpn-fwa:0]#
ifconfig -a | grep encap | awk '{print $1}' | grep -v lo | grep -v bond | grep -v ":" | grep -v ^lo | xargs -I % sh -c 'ethtool %; ethtool -i %' | grep '^driver\|Speed\|Duplex\|Setting' | sed "s/^/ /g" | tr -d "\t" | tr -d "\n" | sed "s/Settings for/\nSettings for/g" | awk '{print $5 " "$7 "\t " $9 "\t" $3}' | grep -v "Unknown" | grep -v "\."


1000Mb/s Full    e1000e Sync:
10000Mb/s Full   ixgbe  eth1-01:
10000Mb/s Full   ixgbe  eth1-04:
[Expert@myvpn-fwa:0]#



[Expert@myvpn-fwa:0]# clish -c "show routed cluster-state detailed"
CLINFR0771  Config lock is owned by admin. Use the command 'lock database override' to acquire the lock.

Cluster:                  Clustered
Master/Slave:             Slave
Master IP:                NO_MASTER_ADDRESS
Sync IP:                  192.168.10.1
Cluster Sync:             In_Progress
Last Sent:                NO_MESSAGE_SENT
Last Received:            NO_MESSAGE_RECEIVED

Cluster VIPs
Interface                 IPv4 Address      Global IPv6 Address 
eth1-01                   100.25.13.132     None 
eth1-04                   216.31.3.36     None 

Current time:           
Apr 12 12:45:44         

Cluster State Change History
Timestamp                 State Change Type
Feb  5 14:44:41           Master to Slave
Jan 22 15:42:54           Slave to Master

Cluster State SIGQUIT History
Timestamp                 SIGQUIT Change Type
Apr 11 13:25:10           Slave to Slave
Apr 11 13:25:10           Slave to Slave
Apr 11 13:25:05           Slave to Slave
Apr 11 13:25:04           Slave to Slave
Apr 11 13:25:04           Slave to Slave
Apr 11 13:00:43           Slave to Slave
Apr 11 13:00:43           Slave to Slave
Apr 11 13:00:43           Slave to Slave
Apr 11 13:00:38           Slave to Slave
Apr 11 13:00:37           Slave to Slave
Apr 11 13:00:37           Slave to Slave
Apr 11 13:00:37           Slave to Slave
Feb 23 14:46:52           Slave to Slave
Feb 23 14:46:52           Slave to Slave
Feb 23 14:46:47           Slave to Slave
Feb 23 14:46:47           Slave to Slave
Feb 23 14:46:47           Slave to Slave
Feb 23 14:37:43           Slave to Slave
Feb 23 14:37:43           Slave to Slave
Feb 23 14:37:38           Slave to Slave

Cluster Routed Pnote Change History
Timestamp                 Pnote State       Event Description 
Jan 22 15:40:21           PNOTE_OK          DR Isn't Configured 

Cluster Routed Pnote History
Timestamp                 Pnote State       Event Description 
Feb  5 14:21:14           PNOTE_OK          Master: Sigquit Received 
Feb  5 14:21:14           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:09           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:09           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:09           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:03           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:03           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:03           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:03           PNOTE_OK          Master: Sigquit Received 
Jan 25 11:12:03           PNOTE_OK          Master: Sigquit Received 
Jan 22 15:49:50           PNOTE_OK          Master: Sigquit Received 
Jan 22 15:48:08           PNOTE_OK          DR Isn't Configured 
Jan 22 15:47:03           PNOTE_OK          DR Isn't Configured 
Jan 22 15:45:56           PNOTE_OK          DR Isn't Configured 
Jan 22 15:45:45           PNOTE_OK          DR Isn't Configured 

[Expert@myvpn-fwa:0]#

Install Policy

# mgmt_cli install-policy


Show unused objects:

# mgmt_cli show unused-objects offset 0 limit 50 details-level "standard" --format json



R80.10+ debug VPN

# iketool


Shows Cluster information

> show routed cluster-state detailed
at

Monday, April 9, 2018

Threat Prevention tab




Normally, there is no need for tuning the cache.
To change the relevant settings:
A.      Go to Threat Prevention tab.
B.      In the left tree, expand the Advanced - click on Engine Settings.
C.      Scroll to the bottom - in the Threat Emulation Settings section, click on the Configure settings... button.
D.      Set the desired limits:
o   Maximum file size for emulation - Files that are larger than this value are not sent for emulation (because large files can reduce network performance)
o   Maximum emulation time - The maximal time that Threat Emulation does analysis on a file (used only for a Local Emulation)
o   Maximum file time in queue - The maximal time that a file waits for Threat Emulation analysis
o   Number of file hashes to save in local cache - Number of file hashes that are stored in the Threat Emulation local cache

E.      Click on OK.
F.      Install the Threat Prevention policy.




at