FORTIGATE - Packet Debug Flow: Difference between revisions

From Wiki.IT-Arts.net

Revision as of 13:26, 18 August 2024


FortiOS 6.2.12 Cookbook / FortiOS 7.4.3 Administration Guide

Quick Example

To start flow tracing for a specific number of packets:

diagnose debug flow trace start <N>

To stop flow tracing at any time:

diagnose debug flow trace stop

The following example starts a flow trace of 100 packets for a device with an IP address of W.X.Y.Z:

diagnose debug enable
diagnose debug flow filter addr W.X.Y.Z
diagnose debug flow show function-name enable
diagnose debug flow trace start 100


Diagnose Debug Flow Command

To follow packet flow by setting a flow filter:

# diagnose debug flow {filter | filter6} <option>
  • Enter filter if your network uses IPv4.
  • Enter filter6 if your network uses IPv6.

Replace <option> with one of the following variables:

Variable	Description

addr		IPv4 or IPv6 address
clear		clear filter
daddr		destination IPv4 or IPv6 address
dport		destination port
negate		inverse IPv4 or IPv6 filter
port		port
proto		protocol number
saddr		source address
sport		source port
vd		index of virtual domain; -1 matches all
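
A narrower trace built from the filter variables above, ending with cleanup so the filter and debug output do not stay active after the session. This is an added example, not taken from the Fortinet guides cited on this page: the addresses 192.0.2.10 and 198.51.100.20, port 443 and the packet count of 20 are constructed sample values, and `diagnose debug reset`, `diagnose debug console timestamp enable` and `diagnose debug disable` are FortiOS commands not listed on this page. Lines beginning with `#` are annotations, not commands to type.

```fortios
# Start from a clean state: reset debug settings and clear any earlier flow filter
diagnose debug reset
diagnose debug flow filter clear

# Match only TCP (protocol number 6) from the client to the server on port 443
diagnose debug flow filter saddr 192.0.2.10
diagnose debug flow filter daddr 198.51.100.20
diagnose debug flow filter proto 6
diagnose debug flow filter dport 443

# Display the filter currently in effect before starting the trace
diagnose debug flow filter

# Show function names and timestamps, then trace 20 matching packets
diagnose debug flow show function-name enable
diagnose debug console timestamp enable
diagnose debug enable
diagnose debug flow trace start 20

# Stop the trace and remove the filter and debug settings
diagnose debug flow trace stop
diagnose debug flow filter clear
diagnose debug disable
diagnose debug reset
```

On an IPv6 network, use `filter6` in place of `filter` as described above.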

Useful Links