juniper debug排错

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

1. Enter Config Mode //进入配置模式
netquirker@fw1> configure
{primary:node0}[edit]
netquirker@fw1#

2. Set Parameters //设置debug参数
set security flow traceoptions file MY_DEBUG
set security flow traceoptions flag basic-datapath
set security flow traceoptions packet-filter MATCH_TRAFFIC source-prefix 1.1.1.1/32
commit

3. Activate the Debug Process //激活debug进程
activate security flow traceoptions

4. Verify that it’s working //验证debug工作状态
show security flow traceoptions

5. Exit config mode
exit

6. Perform debugging //执行调试
Initiate relevant traffic flows

7. Show the log file to view debug output //查看debug日志文件
show log MY_DEBUG

#关闭debug
8. Re-enter config mode
netquirker@fw1> configure
{primary:node0}[edit]
netquirker@fw1#

9. Deactivate the logging
deactivate security flow traceoptions

10. Remove previously added parameters
delete security flow traceoptions file MY_DEBUG
delete security flow traceoptions flag basic-datapath
delete security flow traceoptions packet-filter MATCH_TRAFFIC source-prefix 1.1.1.1/32
commit
exit


Miscellaneous
Showing log files and delete them and deleting files
file list /cf/var/log
file delete /cf/var/log/MY_DEBUG
file delete /cf/var/log/DMY_DEBUG.0.gz
Example output when disabling debug


netquirker@fw1# show security flow traceoptions
flag basic-datapath;
packet-filter MATCH_TRAFFIC {
source-prefix 1.1.1.1/32;
}
{primary:node0}[edit]
netquirker@fw1# deactivate security flow traceoptions
{primary:node0}[edit]
netquirker@fw1# show security flow traceoptions
##
## inactive: security flow traceoptions
##
flag basic-datapath;
packet-filter MATCH_TRAFFIC {
source-prefix 1.1.1.1/32;
}
{primary:node0}[edit]

netquirker@fw1#