Good day, everyone. Many of us who use a hardware solution for the firewall have used Fortinet products. Today I want to share 10 useful commands that will make our lives easier. Let's get started:

1-
get system status
Prints the system version, the BIOS information and the service database (DB) versions.

version: FortiGate-600D v5.2.3,build4944,150622 (GA)
Virus-DB: 45.00132(2017-03-02 15:11)
Extended DB: 45.00132(2017-03-02 15:10)
Extreme DB: 1.00000(2012-10-17 15:47)
IPS-DB: 10.00079(2017-03-02 01:40)
IPS-ETDB: 0.00000(2001-01-01 00:00)
Serial-Number:
Botnet DB: 3.00325(2017-03-02 10:06)
BIOS version: 05000003
System Part-Number: P18736-01
Log hard disk: Available
Hostname: FGT6HD3915800179
Operation Mode: NAT
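
The signature database lines in this output carry their last update time, so a saved copy of the output can be checked for stale databases. The script below is an added example, not part of the original post; the 7-day threshold, the reference time and the function name are assumptions chosen for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: signature lines copied from the output above.
SAMPLE = """\
Virus-DB: 45.00132(2017-03-02 15:11)
Extended DB: 45.00132(2017-03-02 15:10)
Extreme DB: 1.00000(2012-10-17 15:47)
IPS-DB: 10.00079(2017-03-02 01:40)
IPS-ETDB: 0.00000(2001-01-01 00:00)
Botnet DB: 3.00325(2017-03-02 10:06)
BIOS version: 05000003
"""

# Assumed reference time: the day after the newest update in the sample.
REFERENCE_TIME = datetime(2017, 3, 3, 12, 0)

# Matches "name: version(YYYY-MM-DD HH:MM)"; other status lines do not match.
DB_LINE = re.compile(
    r"^\s*(?P<name>[^:]+):\s*(?P<ver>\d+\.\d+)"
    r"\((?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2})\)"
)

def stale_databases(text, now, max_age_days=7):
    """Return {name: (version, age_in_days)} for DBs older than max_age_days."""
    stale = {}
    for line in text.splitlines():
        m = DB_LINE.match(line)
        if not m:
            continue  # e.g. "BIOS version: 05000003" has no timestamp
        updated = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M")
        age = now - updated
        if age > timedelta(days=max_age_days):
            stale[m["name"].strip()] = (m["ver"], age.days)
    return stale

if __name__ == "__main__":
    for name, (ver, days) in stale_databases(SAMPLE, REFERENCE_TIME).items():
        print(f"{name}: version {ver}, last updated {days} days ago")
```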

2-
get system performance status
Prints the average traffic usage (all interfaces), the average session count, the IPS count, the antivirus output, and also the CPU usage.

CPU states: 1% user 0% system 0% nice 99% idle
CPU0 states: 0% user 1% system 0% nice 99% idle
CPU1 states: 1% user 0% system 0% nice 99% idle
CPU2 states: 2% user 0% system 0% nice 98% idle
CPU3 states: 1% user 0% system 0% nice 99% idle
CPU4 states: 2% user 0% system 0% nice 98% idle
CPU5 states: 2% user 0% system 0% nice 98% idle
CPU6 states: 1% user 1% system 0% nice 98% idle
CPU7 states: 1% user 1% system 0% nice 98% idle
Memory states: 52% used
Average network usage: 32119 kbps in 1 minute, 33665 kbps in 10 minutes, 29071 kbps in 30 minutes
Average sessions: 9701 sessions in 1 minute, 9534 sessions in 10 minutes, 6732 sessions in 30 minutes
Average session setup rate: 122 sessions per second in last 1 minute, 99 sessions per second in last 10 minutes, sessions per second in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 24 days, 15 hours, 57 minutes

3-
get system performance firewall statistics

Browsing: 2489087098 packets, 1591927222108 bytes
DNS: 101088658 packets, 10479952058 bytes
E-Mail: 83048 packets, 67463659 bytes
FTP: 576097 packets, 536616900 bytes
Gaming: 190 packets, 27240 bytes
IM: 3357 packets, 180607 bytes
Newsgroups: 13 packets, 552 bytes
P2P: 745381 packets, 710750775 bytes
Streaming: 7585 packets, 645677 bytes
TFTP: 0 packets, 0 bytes
VoIP: 266 packets, 77387 bytes
Generic TCP: 8164753725 packets, 3162082577451 bytes
Generic UDP: 853641870 packets, 605199939409 bytes
Generic ICMP: 695193 packets, 45747248 bytes
Generic IP: 849579 packets, 27297280 bytes

4-
get system interface physical
Prints the firewall's interface information: up/down state, port speed and configuration.

    mode: static
    ip: 192.168.100.99 255.255.255.0
    ipv6: ::/0
    status: down
    speed: n/a
==[port2]
    mode: static
    ip: 10.18.27.1 255.255.255.0
    ipv6: ::/0
    status: up
    speed: 1000Mbps (Duplex: full)
==[port3]
    mode: static
    ip: 0.0.0.0 0.0.0.0
    ipv6: ::/0
    status: down
    speed: n/a
==[port4]
    mode: static
    ip: 0.0.0.0 0.0.0.0
    ipv6: ::/0
    status: down
--More--
    speed: n/a
==[port5]
    mode: static
    ip: 0.0.0.0 0.0.0.0
    ipv6: ::/0
    status: down
    speed: n/a
==[port6]
    mode: static
    ip: 0.0.0.0 0.0.0.0
    ipv6: ::/0
    status: down
    speed: n/a
==[port7]
    mode: static
    ip: 0.0.0.0 0.0.0.0
    ipv6: ::/0
    status: down
    speed: n/a
==[port8]
    mode: static
    ip: 0.0.0.0 0.0.0.0
    ipv6: ::/0
    status: down
--More--

5-
diagnose hardware deviceinfo nic <portname>
Prints the RX/TX counters, the MAC address, the speed and the duplex setting of the chosen interface.

Name :np6_0P
Duplex :Full
link_status :Up
rx_link_status :1
int_phy_link :0
local_fault :0
local_warning :0
remote_fault :0
============ Counters ===========
Rx Pkts :3813839726
Rx Bytes :2096301577335
Tx Pkts :3650661339
Tx Bytes :872587253486
Host Rx Pkts :38385339
Host Rx Bytes :7236727304
Host Rx dropped :0
Host Tx Pkts :52348894
Host Tx Bytes :56566210280
Host Tx dropped :0
FGT6HD3915800179 #

6-
get router info routing-table all
Prints the device's routing table.

7-
execute backup full-config tftp <config name> <tftp server>
Sends your backup to the TFTP server you specify.

8-
diagnose sys top-summary
Especially when CPU and memory usage is high, this command makes your analysis easier and is perhaps the one you will use most often. It prints the running processes, their memory and CPU usage, and their process IDs.

   PID      RSS  ^CPU% MEM%   FDS     TIME+  NAME
 * 87      296M    8.4  3.7 16487  51:47.60  proxyd [x11]
   76        1G    7.5 17.0   222  00:47.20  ipsmonitor [x9]
   85       25M    5.6  0.3    11  00:00.28  httpclid [x3]
   1493     44M    4.6  0.6   107  00:03.94  scanunitd [x8]
   50       24M    0.0  0.3    13  00:34.44  cmdbsvr
   58       11M    0.0  0.2    87  00:10.46  zebos_launcher [x12]
   1212     11M    0.0  0.1    16  00:00.80  ntpd
   1731     30M    0.0  0.4    12  00:00.60  pyfcgid [x4]
   69       11M    0.0  0.1    12  00:00.00  uploadd
   70       28M    0.0  0.4    38  38:58.22  miglogd [x4]
   71       11M    0.0  0.1    12  00:22.91  ipmc_sensord
   72       11M    0.0  0.1     8  00:00.29  kmiglogd
   73       64M    0.0  0.8    25  00:11.55  httpsd [x5]
   75       11M    0.0  0.1     8  00:00.50  getty
   77       11M    0.0  0.1    10  00:00.20  merged_daemons
   78       12M    0.0  0.2    12  00:00.00  fnbamd
   79       11M    0.0  0.1    11  00:00.00  fclicense
   80       13M    0.0  0.2    20  00:02.25  forticron
   81       12M    0.0  0.2    15  00:00.98  forticldd
   82       14M    0.0  0.2    44  00:09.73  authd

9-
show system session-ttl
Prints the session timeout values. In the example the default is 1800, but we have set a different value for the Oracle DB.

show system session-ttl
config system session-ttl
    set default 1800
    config port
        edit 1521
            set protocol 6
            set timeout xxxxx
            set start-port 1521
            set end-port 1521
        next
    end
end

10-
get system memory
Prints the RAM status.

        total:     used:      free:      shared: buffers:  cached:   shm:
Mem:    8349249536 4410527744 3938721792 0       134475776 421343232 408412160
Swap:   0          0          0
MemTotal: 8153564 kB
MemFree: 3846408 kB
MemShared: 0 kB
Buffers: 131324 kB
Cached: 411468 kB
SwapCached: 0 kB
Active: 278340 kB
Inactive: 264572 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 8153564 kB
LowFree: 3846408 kB
SwapTotal: 0 kB
SwapFree: 0 kB