FORTIGATE - Packet Debug Flow

From Wiki.IT-Arts.net
Revision as of 13:24, 18 August 2024 by Admin (talk | contribs) (Created page with "Category:Post-It FortiOS 6.2.12 Cookbook / FortiOS 7.4.3 Administration Guide == Quick Example == To start flow monitoring with a specific number of packets : <nowiki> diagnose debug flow trace start <N></nowiki> To stop flow tracing at any time : <nowiki> diagnose debug flow trace stop</nowiki> The following example shows the flow trace for a device with an IP address of W.X.Y.Z : <nowiki> diagnose debug enable diagnose debug flow filter addr W.X.Y.Z di...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


FortiOS 6.2.12 Cookbook / FortiOS 7.4.3 Administration Guide


Quick Example

To start flow monitoring with a specific number of packets :

diagnose debug flow trace start <N>

To stop flow tracing at any time :

diagnose debug flow trace stop

The following example shows the flow trace for a device with an IP address of W.X.Y.Z :

diagnose debug enable
diagnose debug flow filter addr W.X.Y.Z
diagnose debug flow show function-name enable
diagnose debug flow trace start 100


Diagnose Debug Flow Command

To follow packet flow by setting a flow filter:

# diagnose debug flow {filter | filter6} <option>
  • Enter filter if your network uses IPv4.
  • Enter filter6 if your network uses IPv6.

Replace <option> with one of the following variables:

Variable Description : addr IPv4 or IPv6 address clear clear filter daddr destination IPv4 or IPv6 address dport destination port negate inverse IPv4 or IPv6 filter port port proto protocol number saddr source address sport source port vd index of virtual domain; -1 matches all


Usefull Links