
[ScreenOS] Snoop and debug flow

Debug flow basic:
Understanding debug flow filters:
Running "debug flow basic":
How do I capture debugging (debug flow) information?
When to use 'snoop' and 'debug flow':

How do you use Snoop for troubleshooting?
What options are available when configuring snoop?
How to apply the logical 'AND' or 'OR' snoop filters:
How do I interpret the snoop output?
How to follow a packet by using Snoop:
How do I view snoop output in Wireshark?

