Difference between revisions of "How to perform firewall flow filter debugging"

Latest revision as of 03:31, 8 August 2016

The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten.
The buffer size is configurable.
To change the size, use the following commands:

set db size 4096
set console dbuf
clear db

To set-up the flow filter:

get ffilter
set ffilter src-ip / dst-ip ... (see the CLI-help for more ffilter options) (same row = AND, more rows = OR)
debug flow basic

Reproduce the issue. The timestamp resolution of the output is in tenths of a second. Stop the ffilter and then display the output with the following commands:

undebug all
get dbuf stream or get dbuf stream > tftp <host> <name-of-file>

Revision as of 05:54, 7 March 2012 (view source) Jebr (Talk \| contribs) ← Older edit		Latest revision as of 03:31, 8 August 2016 (view source) Fabricio.Lima (Talk \| contribs)
Line 1:		Line 1:
−	[[Category:~~Juniper Networks~~]]	+	[[Category:Juniper_Networks]]

	The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten.<br />The buffer size is configurable.<br />		The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten.<br />The buffer size is configurable.<br />

Difference between revisions of "How to perform firewall flow filter debugging"

Latest revision as of 03:31, 8 August 2016

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools