10.2.7.1. How To Check Machine Status

Operation Confirmed Version:
 Brocade 5600vRouter Version4.2R1S1
This section describes status check commands in terms of Brocade 5600vRouter.

Version check

  • show version command

Use to check the version of Brocade 5600vRouter.
user-admin@FW01:~$ show version
Version:      4.2R1S1
Description:  Brocade vRouter 5600 4.2R1S1
Built on:     Wed Jul 20 10:43:55 UTC 2016
System type:  Intel 64bit
Boot via:     image
Hypervisor:   KVM
HW model:     OpenStack Nova
HW S/N:       37353532-3538-5347-4835-35325637584b
HW UUID:      5CE6295C-F0AC-41FA-88AA-1C36C710E9C4
Uptime:       09:25:32 up 10 days,  6:12,  1 user,  load average: 0.00, 0.00, 0.00
user-admin@FW01:~$

Memory consumption check

  • show system memory command

Use to check the status of memory space being used by Brocade 5600vRouter.
user-admin@FW01:~$ show system memory
             total       used       free     shared    buffers     cached
Mem:       8179708    5392308    2787400     164400     110444     384732
Swap:            0          0          0
Total:     8179708    5392308    2787400
user-admin@FW01:~$

Interface status check

  • show interfaces command

Use to check the status of interface which has been set to Brocade 5600vRouter and its IP address.
user-admin@FW01:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.55/20                   u/u
dp0s4            172.16.1.31/24                    u/u
dp0s5            172.16.80.1/24                    u/u
dp0s6            -                                 A/D
dp0s7            10.0.0.31/24                      u/u
dp0vrrp1         172.16.1.33/32                    u/u
user-admin@FW01:~$
  • show interfaces <Interface name>

Use to check detailed interface information. This command allows to check the count value and MAC address of the interface.
The interface name which can be specified can be known with the help (?) function of the command or the show interfaces command.
user-admin@FW01:~$ show interfaces dp0s7
dp0s7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether fa:16:3e:10:9e:5d brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.31/24 brd 10.0.0.255 scope global dp0s7
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe10:9e5d/64 scope link
       valid_lft forever preferred_lft forever
    uptime: 10 days, 5 hours, 54 minutes, and 19 seconds transitions: 1 last-change: 2017-03-16T03:14:20+0000

    RX:  bytes    packets     errors    ignored    overrun      mcast
       1277051      13078          0          0          0          0
    TX:  bytes    packets     errors    dropped    carrier collisions
        699214       3919          0          0          0          0
user-admin@FW01:~$

ARP status check

  • show arp command

Use to display an ARP table.
user-admin@FW50:~$ show arp
IP Address         HW address        Dataplane  Controller Device
100.xx.xx.1        00:00:xx:xx:01:0b VALID      VALID      dp0s3
192.168.50.11      fa:16:xx:xx:0a:44 VALID      VALID      dp0s4
172.16.110.10      fa:16:xx:xx:c6:57 VALID      VALID      dp0s5
172.16.110.30      fa:16:xx:xx:38:4d VALID      VALID      dp0s5
172.16.110.70      fa:16:xx:xx:9b:3a VALID      VALID      dp0s5
10.0.0.10          fa:16:xx:xx:f8:34 VALID      VALID      dp0s7
10.0.0.8           fa:16:xx:xx:2e:8f VALID      VALID      dp0s7
user-admin@FW50:~$

Note

The display result above has been partially mask-processed.

  • reset ip arp address X.X.X.X command

Use to reset the ARP information of a specific IP address.
In the example below, the ARP information of “172.16.110.70” is reset.
user-admin@FW50:~$ reset ip arp address 172.16.110.70
uesr-admin@FW50:~$ sho arp
IP Address         HW address        Dataplane  Controller Device
100.xx.xx.1        00:00:xx:xx:01:0b VALID      VALID      dp0s3
192.168.50.11      fa:16:xx:xx:0a:44 VALID      VALID      dp0s4
172.16.110.10      fa:16:xx:xx:c6:57 VALID      VALID      dp0s5
172.16.110.30      fa:16:xx:xx:38:4d VALID      VALID      dp0s5
10.0.0.10          fa:16:xx:xx:f8:34 VALID      VALID      dp0s7
10.0.0.8           fa:16:xx:xx:2e:8f VALID      VALID      dp0s7
172.16.110.70      0:0:0:0:0:0                  VALID      dp0s5
  • reset ip arp interface dp0sX command

Use to reset the ARP information of a specific interface.
In the example below, the ARP information of interface “dp0s4” is reset.
user-admin@FW50:~$ reset ip arp interface dp0s4
user-admin@FW50:~$ show arp
IP Address         HW address        Dataplane  Controller Device
100.xx.xx.1        00:00:xx:xx:01:0b VALID      VALID      dp0s3
172.16.110.10      fa:16:xx:xx:c6:57 VALID      VALID      dp0s5
172.16.110.30      fa:16:xx:xx:38:4d VALID      VALID      dp0s5
172.16.110.70      fa:16:xx:xx:9b:3a VALID      VALID      dp0s5
10.0.0.10          fa:16:xx:xx:f8:34 VALID      VALID      dp0s7
10.0.0.60          fa:16:xx:xx:56:5e VALID      VALID      dp0s7
10.0.0.8           fa:16:xx:xx:2e:8f VALID      VALID      dp0s7
192.168.50.11      0:0:0:0:0:0                  VALID      dp0s4

VRRP status check

  • show vrrp command

This allows to check the summary of VRRP status. Use to check the Master/Backup state of two machines.
# ファイアウォール1号機(MASTER側)

user-admin@FW-01:~$ show vrrp

                                 RFC        Addr   Last        Sync
Interface         Group  State   Compliant  Owner  Transition  Group
---------         -----  -----   ---------  -----  ----------  -----
dp0s4             10     MASTER  dp0vrrp1   no     10h19m18s   <none>

# ファイアウォール2号機(BACKUP側)

user-admin@FW-02:~$ show vrrp

                                 RFC        Addr   Last        Sync
Interface         Group  State   Compliant  Owner  Transition  Group
---------         -----  -----   ---------  -----  ----------  -----
dp0s4             10     BACKUP  dp0vrrp1   no     10h14m10s   <none>
  • show vrrp detail command

This allows to check details about the VRRP status. Use to check the virtual IP address and timer value setting regarding a set VRRP group.
  # ファイアウォール1号機(MASTER側)

user-admin@FW01:~$ show vrrp detail
--------------------------------------------------
Interface: dp0s4
--------------
  Group: 10
  ----------
  State:                        MASTER
  Last transition:              7h37m47s

  Version:                      2
  RFC Compliant
  Virtual MAC interface:        dp0vrrp1
  Address Owner:                no

  Source Address:               172.16.1.31
  Configured Priority:          200
  Effective Priority:           200
  Advertisement interval:       20 sec
  Authentication type:          none
  Preempt:                      enabled

  VIP count:                    1
    172.16.1.33/32

user-admin@FW01:~$

  # ファイアウォール2号機(BACKUP側)

user-admin@FW02:~$ show vrrp detail
--------------------------------------------------
Interface: dp0s4
--------------
  Group: 10
  ----------
  State:                        BACKUP
  Last transition:              7h37m43s

  Master router:                172.16.1.31
  Master priority:              200

  Version:                      2
  RFC Compliant
  Virtual MAC interface:        dp0vrrp1
  Address Owner:                no

  Source Address:               172.16.1.32
  Configured Priority:          150
  Effective Priority:           150
  Advertisement interval:       20 sec
  Authentication type:          none
  Preempt:                      enabled

  VIP count:                    1
    172.16.1.33/32

Routing status check

  • show ip route command

Use to check and display the route information possessed by Brocade 5600vRouter.
Selecting a protocol name enables to display the route of the corresponding protocol.
user-admin@FW01:~$ show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
       O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       > - selected route, * - FIB route, p - stale info

IP Route Table for VRF "default"
C    *> 10.0.0.0/24 is directly connected, dp0s7
S    *> 100.xx.x.64/26 [210/0] via 100.67.64.1, dp0s3
S    *> 100.xx.xx.64/26 [210/0] via 100.67.64.1, dp0s3
C    *> 100.xx.xx.0/20 is directly connected, dp0s3
C    *> 127.0.0.0/8 is directly connected, lo
C    *> 172.16.110.0/24 is directly connected, dp0s5
O    *> 172.16.210.0/24 [110/2] via 172.16.110.10, dp0s5, 5d03h49m
C    *> 192.168.50.0/24 is directly connected, dp0s4
S    *> 192.168.60.0/24 [1/0] is directly connected, vtun0
C    *> 192.168.110.50/32 is directly connected, vtun0
C    *> 192.168.110.60/32 is directly connected, vtun0
user-admin@FW01:~$

NAT status check

  • show nat
Use to check the summary of status when NAT is in use.
user-admin@FW-01:~$ show nat
-----------------------------
NAT Rulesets Information
-----------------------------
--------------------------------------------------------------------------------
SOURCE
rule    intf            match                                   translation
----    ----            -----                                   -----------
10      dp0s7           from 10.0.0.0/24                        dynamic any -> masquerade
DESTINATION
rule    intf            match                                   translation
----    ----            -----                                   -----------
10      dp0s4           proto tcp to 1.x.x.254 port 80          dynamic 172.16.100.100 port 1-65535 <- any
11      dp0s4           proto tcp to 1.x.x.254 port 443         dynamic 172.16.100.200 port 443-443 <- any
user-admin@FW-01:~$
  • show nat source statistics
Use to check the counter of NAT-processed packets and interface information when source NAT is in use.
user-admin@FW02:~$ show nat source statistics
rule    pkts            bytes                   interface       used/total
----    ----            -----                   ---------       ----------
10      525626          524640028               dp0s7           37/65535
user-admin@FW02:~$
  • show nat source translations
Use to check the status of NAT conversion when source NAT is in use.
user-admin@FW02:~$ show nat source translations
Pre-NAT                 Post-NAT                Prot    Timeout

10.0.0.8:56273          153.xxx.xxx.219:56273   udp     55
10.0.0.8:51568          153.xxx.xxx.219:51568   udp     22
10.0.0.8:50793          153.xxx.xxx.219:50793   tcp     86391
10.0.0.8:53875          153.xxx.xxx.219:53875   udp     22
10.0.0.8:50798          153.xxx.xxx.219:50798   tcp     86395
10.0.0.8:58025          153.xxx.xxx.219:58025   udp     27
10.0.0.8:50802          153.xxx.xxx.219:50802   tcp     86367
10.0.0.8:55939          153.xxx.xxx.219:55939   udp     27
user-admin@FW02:~$
  • show nat destination translations
Use to check the status of NAT conversion when destination NAT is in use.
user-admin@FW-01:~$ show nat destination translations
Pre-NAT                 Post-NAT                Prot    Timeout

1.x.x.254:443           172.16.100.200:443      tcp     195
1.x.x.254:80            172.16.100.100:80       tcp     86398
user-admin@FW-01:~$
  • show nat destination statistics
Use to check the counter of NAT-processed packets and interface information when destination NAT is in use.
user-admin@FW-01:~$ show nat destination statistics
rule    pkts            bytes                   interface       used/total
----    ----            -----                   ---------       ----------
10      239             21939                   dp0s4           1/65535
11      257             40070                   dp0s4           1/1
user-admin@FW-01:~$

VPN status check

  • show vpn ipsec sa command

Use to check the tunnel establishment status when IPsec is in use.
Use the show interfaces command to check also the status of interface which has been used for the IPsec tunnel.
# ファイアウォール1号機側でのトンネル状態確認

user-admin@FW01:~$ show vpn ipsec sa
Peer ID / IP                            Local ID / IP
------------                            -------------
153.xx.xxx.182                          153.xx.xx.227

    Tunnel  State  Bytes Out/In     Encrypt       Hash    A-Time  L-Time  Proto
    ------  -----  -------------  ------------  --------  ------  ------  -----
    vti     up     0.0/0.0        aes256        sha1      1698    3600    all

user-admin@FW01:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.60/20                   u/u
dp0s4            -                                 A/D
dp0s5            -                                 A/D
dp0s6            153.xxx.xxx.227/29                u/u
dp0s7            192.168.1.12/28                   u/u
vti0             10.1.1.2/30                       u/u

# ファイアウォール2号機側でのトンネル状態確認

user-admin@FW02:~$ show vpn ipsec sa
Peer ID / IP                            Local ID / IP
------------                            -------------
153.xx.xx.227                         153.xx.xx.182

    Tunnel  State  Bytes Out/In     Encrypt       Hash    A-Time  L-Time  Proto
    ------  -----  -------------  ------------  --------  ------  ------  -----
    vti     up     0.0/0.0        aes256        sha1      1364    3600    all

user-admin@FW02:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.31/20                   u/u
dp0s4            -                                 A/D
dp0s5            -                                 A/D
dp0s6            -                                 A/D
dp0s7            192.168.3.156/28                  u/u
dp0s8            153.xxx.xx.182/28                 u/u
dp0s9            10.0.0.17/24                      u/u
dp0s10           169.xxx.x.8/17                    u/u
dp0s11           192.168.3.140/28                  u/u
vti0             10.1.1.1/30                       u/u
  • show vpn remote-access command

Use to check the tunnel establishment status when the machine is being used as the termination server of L2TP/IPsec.
Use the show ip route command to check the IP address allocation status of the terminating machine and the interface of the machine.
user-admin@FW01:~$ show vpn remote-access
Active remote access VPN sessions:
User            Proto Iface  Tunnel IP       TX byte RX byte  Time
----            ----- -----  -----------     ------- -------  ----
test-user01     L2TP  ppp0   192.168.3.4         402   10.8K  00h05m28s

user-admin@FW01:~$ show ip route connect
IP Route Table for VRF "default"
C    *> 10.255.0.0/32 is directly connected, ppp0
C    *> xxx.xx.xx.0/20 is directly connected, dp0s3
C    *> 127.0.0.0/8 is directly connected, lo
C    *> 153.xxx.xxx.176/28 is directly connected, dp0s8
C    *> 192.168.3.0/28 is directly connected, dp0s7
C    *> 192.168.3.4/32 is directly connected, ppp0
C    *> 192.168.3.16/28 is directly connected, dp0s11
user-admin@FW01:~$
user-admin@FW01:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.30/20                   u/u
dp0s4            -                                 A/D
dp0s5            -                                 A/D
dp0s6            -                                 A/D
dp0s7            192.168.3.12/28                   u/u
dp0s8            153.xxx.xx.xxx/28                 u/u
dp0s9            10.0.0.10/24                      u/u
dp0s10           169.xxx.x.7/17                    u/u
dp0s11           192.168.3.28/28                   u/u
dp0vrrp1         192.168.3.27/32                   u/u
ppp0             10.255.0.0                        u/u  L2TP test-user01
  • show openvpn site-to-site command

Use to check the tunnel establishment status when site-to-site of OpenVPN is in use.
Use the show interfaces command together to check the status of interface (vtun0) for the tunnel.
#FW-1(FW50) OpenVPN tunnel status

user-admin@FW50:~$ show openvpn site-to-site status
OpenVPN client status on vtun0

Remote CN       Remote IP       Tunnel IP       TX byte RX byte Connected Since
--------------- --------------- --------------- ------- ------- ------------------------
None (PSK)      172.16.210.60   192.168.110.60     2.7M    2.7M N/A

user-admin@FW50:~$
user-admin@FW50:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.61/20                   u/u
dp0s4            192.168.50.254/24                 u/u
dp0s5            172.16.110.50/24                  u/u
dp0s6            -                                 A/D
dp0s7            10.0.0.50/24                      u/u
vtun0            192.168.110.50                    u/u
user-admin@FW50:~$

#FW-2(FW60) OpenVPN tunnel status

user-admin@FW60:~$ show openvpn site-to-site status
OpenVPN client status on vtun0

Remote CN       Remote IP       Tunnel IP       TX byte RX byte Connected Since
--------------- --------------- --------------- ------- ------- ------------------------
None (PSK)      172.16.110.50   192.168.110.50     2.7M    2.7M N/A

user-admin@FW60:~$
user-admin@FW60:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.62/20                   u/u
dp0s4            192.168.60.254/24                 u/u
dp0s5            172.16.210.60/24                  u/u
dp0s6            -                                 A/D
dp0s7            10.0.0.60/24                      u/u
vtun0            192.168.110.60                    u/u
user-admin@FW60:~$
  • show openvpn server(client) status command

Use to check the tunnel establishment status when Server/Client mode of OpenVPN is in use.
Use the show interfaces command together to check the status of interface (vtun0) for the tunnel.
#OpenVPN Server(FW80) OpenVPN tunnel status

user-admin@FW80:~$ show openvpn server status
OpenVPN server status on vtun0

Client CN       Remote IP       Tunnel IP       TX byte RX byte Connected Since
--------------- --------------- --------------- ------- ------- ------------------------
client1         172.16.110.70   192.168.110.2    571.7K  594.5K Sat Mar 25 09:02:06 2017

user-admin@FW80:~$
user-admin@FW80:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.65/20                   u/u
dp0s4            192.168.60.80/24                  u/u
dp0s5            172.16.210.80/24                  u/u
dp0s6            -                                 A/D
dp0s7            10.0.0.80/24                      u/u
vtun0            192.168.110.1/24                  u/u
user-admin@FW80:~$


#OpenVPN Client(FW70) OpenVPN tunnel status

user-admin@FW70:~$ show openvpn client status
OpenVPN client status on vtun0

Server CN       Remote IP       Tunnel IP       TX byte RX byte Connected Since
--------------- --------------- --------------- ------- ------- ------------------------
N/A             172.16.210.80   N/A              601.4K  596.0K N/A

user-admin@FW70:~$
user-admin@FW70:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
dp0s3            100.xx.xx.64/20                   u/u
dp0s4            192.168.50.70/24                  u/u
dp0s5            172.16.110.70/24                  u/u
dp0s6            -                                 A/D
dp0s7            10.0.0.70/24                      u/u
vtun0            192.168.110.2/24                  u/u
user-admin@FW70:~$

Firewall status check

  • show firewall command

Use to check settings of individual rules and the number of corresponding packets when firewall rules have been set and applied to the interface.

Note

Firewall rules which are set for ECL2.0 management are also visible, but have been omitted in the example below.

user-admin@FW02:~$ show firewall
---------------------------------------
Rulesets Information: Firewall
---------------------------------------
--------------------------------------------------------------------------------
Firewall "all_accept":
Active on (dp0s7, out)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
default allow   any             3154            536664
  condition - all

Firewall "allow_ssh":
Active on (dp0s7, in)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
10      allow   tcp             13894           1715334
  condition - stateful proto tcp to any port 22

default drop    any             2278            111714
  condition - all

Firewall "default_state_group":
Active on (dp0s7)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
100     allow   tcp             0               0
  condition - stateful proto tcp

200     allow   udp             0               0
  condition - stateful proto udp

300     allow   icmp            0               0
  condition - stateful proto icmp

Firewall "all_accept":
Active on (dp0s4, in)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
default allow   any             4590            801935
  condition - all

Firewall "default_state_group":
Active on (dp0s4)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
100     allow   tcp             8348            6446924
  condition - stateful proto tcp

200     allow   udp             5375            828403
  condition - stateful proto udp

300     allow   icmp            3               294
  condition - stateful proto icmp
  • clear firewall command

Use this command to clear the count of packets which can be shown through the show firewall command.
This command can be used to check how much information the packet counter counts during the specified measurement time.

Note

Due to the resultant log acquired through SSH, packets are counted regarding the SSH portion.

user-admin@FW02:~$ clear firewall
user-admin@FW02:~$ show firewall
---------------------------------------
Rulesets Information: Firewall
---------------------------------------
--------------------------------------------------------------------------------
Firewall "all_accept":
Active on (dp0s7, out)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
default allow   any             0               0
  condition - all

Firewall "allow_ssh":
Active on (dp0s7, in)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
10      allow   tcp             70              6300
  condition - stateful proto tcp to any port 22

default drop    any             0               0
  condition - all

Firewall "default_state_group":
Active on (dp0s7)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
100     allow   tcp             0               0
  condition - stateful proto tcp

200     allow   udp             0               0
  condition - stateful proto udp

300     allow   icmp            0               0
  condition - stateful proto icmp

Firewall "all_accept":
Active on (dp0s4, in)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
default allow   any             0               0
  condition - all

Firewall "default_state_group":
Active on (dp0s4)
rule    action  proto           packets         bytes
----    ------  -----           -------         -----
100     allow   tcp             0               0
  condition - stateful proto tcp

200     allow   udp             0               0
  condition - stateful proto udp

300     allow   icmp            0               0
  condition - stateful proto icmp
  • show session-table command

Use to display the current flow table when a function which uses the firewall in the stateful manner is in use.
Use to display the current flow table when a function which uses the firewall in the stateful manner is in use.

Note

The global address portion has been masked here, but in practice it is shown.

user-admin@FW02:~$ show session-table
TCP state codes: SS - SYN SENT, SR - SYN RECEIVED, ES - ESTABLISHED,
                 FW - FIN WAIT, CW - CLOSE WAIT, LA - LAST ACK,
                 TW - TIME WAIT, CL - CLOSE, LI - LISTEN

CONN ID         Source                          Destination                     Protocol        TIMEOUT Intf            Parent
43900           10.0.0.8:56273                  94.xxx.xxx.253:3544             udp [17] ES     44      dp0s7   0
43901           94.xxx.xxx.253:3544             10.0.0.8:56273                  udp [17] ES     44      dp0s4   0
90600           157.x.xx.248:13254              153.xxx.xxx.219:22              tcp [6] ES      86399   dp0s7   0
90973           157.x.xx.248:48571              153.xxx.xxx.219:22              tcp [6] ES      85681   dp0s7   0
91000           10.0.0.10:48256                 10.0.0.70:22                    tcp [6] ES      85681   dp0s4   0
91161           116.xx.xxx.28:63734             153.xxx.xxx.219:22              tcp [6] TW      104     dp0s7   0
91165           10.0.0.8:50688                  117.xx.xxx.200:443              tcp [6] ES      86327   dp0s7   0
91166           10.0.0.8:50689                  117.xx.xxx.200:443              tcp [6] CW      21584   dp0s7   0
91171           10.0.0.8:50691                  184.xx.xxx.35:80                tcp [6] ES      86327   dp0s7   0
91172           10.0.0.8:50690                  184.xx.xxx.35:80                tcp [6] ES      86327   dp0s7   0
91176           10.0.0.10:38475                 10.0.0.9:514                    udp [17] new    29      dp0s4   0
91177           117.xx.xxx.200:443              10.0.0.8:50689                  tcp [6] CL      0       dp0s4   0
91178           116.xx.xxx.28:22119             153.xxx.xxx.219:22              tcp [6] CL      9       dp0s7   0
user-admin@FW02:~$

Syslog message check

  • show log all command

Use to check syslog messages stored in the machine.
user-admin@FW80:~$ show log all
2017-03-24T09:40:08.270305+00:00 localhost kernel: [    0.000000] Linux version 4.4.15-1-amd64-vyatta (abuild@build-worker5) (gcc version 4.9.2 (Debian 4.9.2-10) ) #1 SMP Thu Jul 14 00:20:54 UTC 2016
2017-03-24T09:40:08.270355+00:00 localhost kernel: [    0.000000] ACPI: RSDP 0x00000000000F0950 000014 (v00 BOCHS )
2017-03-24T09:40:08.270357+00:00 localhost kernel: [    0.000000] ACPI: RSDT 0x00000000BFFFFBF2 000034 (v01 BOCHS  BXPCRSDT 00000001 BXPC 00000001)
2017-03-24T09:40:08.270358+00:00 localhost kernel: [    0.000000] ACPI: FACP 0x00000000BFFFF1C0 000074 (v01 BOCHS  BXPCFACP 00000001 BXPC 00000001)
2017-03-24T09:40:08.270358+00:00 localhost kernel: [    0.000000] ACPI: DSDT 0x00000000BFFFE040 001180 (v01 BOCHS  BXPCDSDT 00000001 BXPC 00000001)
2017-03-24T09:40:08.270359+00:00 localhost kernel: [    0.000000] ACPI: FACS 0x00000000BFFFE000 000040
2017-03-24T09:40:08.270360+00:00 localhost kernel: [    0.000000] ACPI: SSDT 0x00000000BFFFF234 00093E (v01 BOCHS  BXPCSSDT 00000001 BXPC 00000001)
2017-03-24T09:40:08.270361+00:00 localhost kernel: [    0.000000] ACPI: APIC 0x00000000BFFFFB72 000080 (v01 BOCHS  BXPCAPIC 00000001 BXPC 00000001)
2017-03-24T09:40:08.270362+00:00 localhost kernel: [    0.000000] ACPI: RSDT 0x00000000BFFFFBF2 000034 (v01 BOCHS  BXPCRSDT 00000001 BXPC 00000001)
2017-03-24T09:40:08.274742+00:00 localhost kernel: [    0.000000] Kernel command line: BOOT_IMAGE=/boot/4.2R1S1.07201043/vmlinuz boot=live quiet systemd.show_status=1 nofastboot net.ifnames=1 vyatta-union=/boot/4.2R1S1.07201043 console=tty0
2017-03-24T09:40:08.274800+00:00 localhost kernel: [    0.000000] NO_HZ: Clearing 0 from nohz_full range for timekeeping
2017-03-24T09:40:08.274809+00:00 localhost kernel: [    0.010000] ACPI: 2 ACPI AML tables successfully acquired and loaded
2017-03-24T09:40:08.274840+00:00 localhost kernel: [    0.091946] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S1_] (20150930/hwxface-580)
2017-03-24T09:40:08.274841+00:00 localhost kernel: [    0.091949] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S2_] (20150930/hwxface-580)
2017-03-24T09:40:08.274847+00:00 localhost kernel: [    0.094443] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
2017-03-24T09:40:08.274996+00:00 localhost kernel: [    0.136128] ACPI: Enabled 16 GPEs in block 00 to 0F
2017-03-24T09:40:08.275001+00:00 localhost kernel: [    0.136314] SCSI subsystem initialized
2017-03-24T09:40:08.275037+00:00 localhost kernel: [    0.138907] ACPI: PCI Interrupt Link [LNKD] enabled at IRQ 11
2017-03-24T09:40:08.275047+00:00 localhost kernel: [    2.054725] audit: type=2000 audit(1490348397.697:1): initialized
2017-03-24T09:40:08.275059+00:00 localhost kernel: [    2.117723] NO_HZ FULL will not work with unstable sched clock
2017-03-24T09:40:08.275104+00:00 localhost kernel: [    2.137383] random: systemd-udevd urandom read with 2 bits of entropy available
2017-03-24T09:40:08.275105+00:00 localhost kernel: [    2.144404] ACPI: PCI Interrupt Link [LNKC] enabled at IRQ 10
2017-03-24T09:40:08.275109+00:00 localhost kernel: [    2.150514] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
2017-03-24T09:40:08.275177+00:00 localhost kernel: [   11.413872] audit: type=1305 audit(1490348406.780:2): audit_pid=1489 old=0 auid=4294967295 ses=4294967295 res=1
2017-03-24T09:40:08.275474+00:00 localhost audispd: No plugins found, exiting
2017-03-24T09:40:08.275477+00:00 localhost ntpdate[1584]: Can't find host 0.debian.pool.ntp.org: Name or service not known (-2)
2017-03-24T09:40:08.275480+00:00 localhost ntpdate[1584]: Can't find host 1.debian.pool.ntp.org: Name or service not known (-2)
2017-03-24T09:40:08.275483+00:00 localhost ntpdate[1584]: Can't find host 2.debian.pool.ntp.org: Name or service not known (-2)
2017-03-24T09:40:08.275487+00:00 localhost ntpdate[1584]: Can't find host 3.debian.pool.ntp.org: Name or service not known (-2)
2017-03-24T09:40:08.275490+00:00 localhost ntpdate[1584]: no servers can be used, exiting
2017-03-24T09:40:08.275496+00:00 localhost auditd[1489]: Init complete, auditd 2.4 listening for events (startup state enable)
2017-03-24T09:40:10.130326+00:00 localhost NSM[1869]:  NSM-6init_trial_check: Non-trial init
2017-03-24T09:40:10.207811+00:00 localhost RIB[1871]:  RIB-6RIBd (1.2.0) starts
2017-03-24T09:40:10.702687+00:00 localhost OSPF[1885]:  OSPF-6OSPFd (1.2.0) starts
2017-03-24T09:40:10.761108+00:00 localhost OSPFv3[1887]:  OSPFv3-6OSPF6d (1.2.0) starts