Fortigate CLI Durum Görüntüleme Komutları

Okuma süresi: 9 dakika

Fortigate gerek sunduğu UTM çözümleri, gerek kullanım kolaylığı ile son yıllarda tartışmasız kamu/özel sektör farketmeksizin en fazla kullanılan Firewall/Güvenlik markalarının başında gelmektedir. Yönetimsel olarak çok basit bir arayüze sahip olan GUI’sinin yanı sıra daha fazlasına olanak sağlayan CLI arabirimi de oldukça kullanışlıdır.

Bu yazımda fortigate 20C/30D gibi en küçük ürünlerden 1500D/3240C gibi üst seviye cihazlara kadar hemen hemen bütün fortigate ürünlerinde sıklıkla kullandığım CLI komutlarını paylaşacağım.

show –> Cihaz üzerindeki konfigürasyonu default parametreler olmadan gösterir.Note that output is only non-default values.
show full-configuration –> Cihaz üzerindeki bütün konfigürasyonu gösterir.
show system interface port1 | grep -A2 ip –> Port1 interface’i üzerindeki konfigürasyondan içerisinde “ip” geçen satırı ve sonraki 2 satırı gösterir.
show system interface –> Interface konfigürasyonunu gösterir.
diagnose hardware deviceinfo nic –> Donanımsal Interface istatistiksel bilgilerini gösterir.
diagnose hardware sysinfo memory –> Donanımsal hafıza bilgisini gösterir.
get hardware nic –> Cihaz üzerinde fiziksel olarak kullanılabilecek interface’leri gösterir.
diagnose ip address list –> Interface’ler üzerindeki ip/subnet bilgisini gösterir.
get system interface physical –> Cihaz üzerinde fiziksel olarak kullanılabilecek interface’lerin durum/ip/hız/duplex ayarlarını gösterir.
get system info admin status –> Cihaza login olmuş kullanıcıları gösterir.
get system status –> Sistemin donanım/yazılım versiyonlarını gösterir.
get hardware status –> Detaylı donanım model bilgisini gösterir.
get system performance status –> Cihazın o anki çalışma performans bilgisini gösterir
get system performance top –> Cihazın o anda en fazla kaynaklarını tüketen uygulamaları gösterir (Bu konuyla ilgili daha detaylı bir yazım olacaktır.)
get system session status –> Cihaz üzerindeki anlık toplam session sayısını gösterir.
get system session-info full-stat –> Cihaz üzerindeki anlık toplam session sayısını daha detaylı gösterir.
get system session list –> Satır satır session bilgisini gösterir.

get system global | grep -i timer –> Global olarak tcp/udp session sürelerini gösterir.
get system session-ttl –> Sistemin varsayılan tcp-idle session zamanaşımı süresini gösterir.
execute ha manage –> Cluster olarak çalışan sistemdeki slave cihaza ulaşmak veya slave cihazdan master’a dönmek için kullanılır.

diagnose ip arp list –> Detaylı port/ip/mac ile arp bilgisini gösterir.
diagnose ip arp list | grep 10.101.0.23 –>Arp tablosu içerisinden ilgili ip’yi sorgulayarak sadece o satırır getirir.
get system arp –> Basit port/ip/mac ile arp bilgisini gösterir.

get router info routing-table all –> Bütün halde Routing tablosunu gösterir.
get router info routing-table static –> Static route’larla oluşturulmuş routing tablosunu gösterir.
show router static –> Yazılmış statik route’larla ilgili tabloyu gösterir.
get router info kernel –> Cihazın kernel’ı(çekirdek) üzerindeki routing-tablosunu gösterir.

Yukarıdaki bütün komutları içeren örnekleri altta bulabilirsiniz:

Test-FW1 # show
#config-version=FG300C-5.00-FW-build252-131031:opmode=1:vdom=0:user=admin
#conf_file_ver=7670579497414703770
#buildno=0252
#global_vdom=1
config system global
set admin-https-redirect disable
set admin-port 12080
set admin-sport 12443
set admintimeout 20
set fgd-alert-subscription advisory latest-threat
set gui-dlp enable
set gui-explicit-proxy enable
set gui-load-balance enable
set gui-sslvpn-personal-bookmarks enable
set gui-sslvpn-realms enable
set gui-wireless-controller disable
set hostname “Test-FW1”
set revision-backup-on-logout enable
set revision-image-auto-backup enable
set service-expire-notification disable
set timezone 31
end

Test-FW1 # show full-configuration
#config-version=FG300C-5.00-FW-build252-131031:opmode=1:vdom=0:user=admin
#conf_file_ver=7670579497414703770
#buildno=0252
#global_vdom=1
config system global
set admin-concurrent enable
set admin-console-timeout 0
set admin-https-pki-required disable
set admin-https-redirect disable
set admin-lockout-duration 60
set admin-lockout-threshold 3
set admin-maintainer enable
set admin-port 12080
set admin-scp disable
set admin-server-cert “Fortinet_Factory”
set admin-sport 12443
set admin-ssh-grace-time 120
set admin-ssh-port 1222
set admin-ssh-v1 disable
set admin-telnet-port 23
set admintimeout 20
set allow-traffic-redirect enable
set anti-replay strict
set auth-cert “self-sign”
set auth-http-port 1000
set auth-https-port 1003
set auth-keepalive disable
set auth-policy-exact-match enable
set av-failopen pass
set av-failopen-session disable
set batch-cmdb enable
set block-session-timer 30
set cert-chain-max 8
set cfg-save automatic
set check-protocol-header loose
set check-reset-range disable
set clt-cert-req disable
set csr-ca-attribute enable
set daily-restart disable
set dst enable
set endpoint-control-fds-access enable
set endpoint-control-portal-port 8009
set explicit-proxy-auth-timeout 300
set fds-statistics enable
set fgd-alert-subscription advisory latest-threat
set forticlient-reg-port 8010
set gui-antivirus enable
set gui-ap-profile enable
set gui-application-control enable
set gui-central-nat-table disable
set gui-certificates enable
set gui-client-reputation enable
set gui-dlp enable
set gui-dns-database disable
set gui-dynamic-profile-display disable
set gui-dynamic-routing enable
set gui-endpoint-control enable
set gui-explicit-proxy enable
set gui-icap disable
set gui-implicit-policy enable
set gui-ips enable
set gui-ipsec-manual-key disable
set gui-ipv6 disable
set gui-lines-per-page 50
set gui-load-balance enable
set gui-local-in-policy disable
set gui-multicast-policy disable
set gui-multiple-utm-profiles enable
set gui-nat46-64 disable
set gui-object-tags disable
set gui-policy-based-ipsec disable
set gui-replacement-message-groups disable
set gui-spamfilter disable
set gui-sslvpn-personal-bookmarks enable
set gui-sslvpn-realms enable
set gui-utm-monitors disable
set gui-voip-profile disable
set gui-vpn enable
set gui-vulnerability-scan disable
set gui-wanopt-cache disable
set gui-webfilter enable
set gui-wireless-controller disable
set gui-wireless-opensecurity disable
set hostname “Test-FW1”
set http-obfuscate modified
set ip-src-port-range 1024-25000
set ipsec-hmac-offload enable
set ipv6-accept-dad 1
set language english
set ldapconntimeout 500
set login-timestamp disable
set management-vdom “root”
set max-dlpstat-memory 5
set max-report-db-size 1024
set optimize-ssl disable
set phase1-rekey enable
set policy-auth-concurrent 0
set post-login-banner disable
set pre-login-banner disable
set radius-port 1812
set refresh 0
set registration-notification enable
set remoteauthtimeout 5
set reset-sessionless-tcp disable
set revision-backup-on-logout enable
set revision-image-auto-backup enable
set send-pmtu-icmp enable
set service-expire-notification disable
set sslvpn-cipher-hardware-acceleration enable
set sslvpn-kxp-hardware-acceleration enable
set strict-dirty-session-check enable
set strong-crypto disable
set tcp-halfclose-timer 120
set tcp-halfopen-timer 10
set tcp-option enable
set tcp-timewait-timer 1
set timezone 31
set tos-based-priority medium
set two-factor-email-expiry 60
set two-factor-ftm-expiry 72
set two-factor-sms-expiry 60
set udp-idle-timer 180
set use-usb-wan disable
set user-server-cert “self-sign”
set vdom-admin disable
set vip-arp-range restricted
set virtual-server-hardware-acceleration enable
set wifi-ca-certificate “PositiveSSL_CA”
set wifi-certificate “Fortinet_Wifi”
set wimax-4g-usb disable
set wireless-controller enable
set wireless-controller-port 5246
set fds-statistics-period 60
end

Test-FW1 # show system interface port1
config system interface
edit “port1”
set vdom “root”
set ip 10.106.130.254 255.255.255.0
set allowaccess ping https ssh http
set type physical
set alias “Management”
set snmp-index 1
next
end

Test-FW1 # show system interface port1 | grep ip
set ip 10.106.130.254 255.255.255.0

Test-FW1 # show system interface port1 | grep -A3 ip
set ip 10.106.130.254 255.255.255.0
set allowaccess ping https ssh http
set type physical
set alias “Management”

Test-FW1 # get system info admin status
Index User name Login type From
Logged in users: 2
USERNAME TYPE FROM TIME
admin https 195.8.173.90 Fri May 1 15:22:10 2015

admin ssh 195.8.173.90 Fri May 1 15:22:40 2015

Test-FW1 # get system status
Version: FortiGate-300C v5.0,build0252,131031 (GA Patch 5)
Virus-DB: 25.00527(2015-04-30 13:11)
Extended DB: 25.00527(2015-04-30 13:10)
IPS-DB: 6.00638(2015-04-28 00:05)
IPS-ETDB: 0.00000(2000-00-00 00:00)
Serial-Number: XXXXXXXXXXXXXXXXX
Botnet DB: 2.00222(2015-04-30 10:30)
BIOS version: 04000022
System Part-Number: P09616-06
Log hard disk: Available
Hostname: Test-FW1
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 252
Release Version Information: GA Patch 5
System time: Fri May 1 15:29:13 2015

Test-FW1 # get hardware status
Model name: FortiGate-300C
ASIC version: CP6
ASIC SRAM: 64M
CPU: Intel(R) Celeron(R) CPU 440 @ 2.00GHz
Number of CPUs: 1
RAM: 2020 MB
Compact Flash: 30653 MB /dev/sda
Hard disk: 30533 MB /dev/sda
USB Flash: not available
Network Card chipset: Intel(R) PRO/1000 Network Connection (rev.0000)

Test-FW1 # get system performance status
CPU states: 0% user 1% system 0% nice 99% idle
CPU0 states: 0% user 1% system 0% nice 99% idle
Memory states: 34% used
Average network usage: 35256 kbps in 1 minute, 30648 kbps in 10 minutes, 28031 kbps in 30 minutes
Average sessions: 4097 sessions in 1 minute, 3672 sessions in 10 minutes, 3448 sessions in 30 minutes
Average session setup rate: 19 sessions per second in last 1 minute, 24 sessions per second in last 10 minutes, 26 sessions per second in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 57 days, 5 hours, 34 minutes

Test-FW1 # get system performance top
Run Time: 57 days, 5 hours and 34 minutes
0U, 0S, 100I; 2020T, 1329F, 211KF
ipsengine 71 S < 0.9 3.4
urlfilter 78 S 0.0 2.7
miglogd 47 S 0.0 1.5
proxyworker 28366 S 0.0 1.1
httpsd 121 S 0.0 1.0
scanunitd 30910 S < 0.0 0.9
pyfcgid 31805 S 0.0 0.9
pyfcgid 31806 S 0.0 0.9
pyfcgid 31807 S 0.0 0.9
pyfcgid 31804 S 0.0 0.9
cmdbsvr 40 S 0.0 0.9
sslvpnd 83 S 0.0 0.9
httpsd 116 S 0.0 0.9
httpsd 49 S 0.0 0.6
httpsd 115 S 0.0 0.6
newcli 31814 R 0.0 0.6
newcli 31793 S 0.0 0.6
iked 86 S 0.0 0.6
scanunitd 30911 S < 0.0 0.6
updated 87 S 0.0 0.6

Test-FW1 # show system interface
config system interface
edit “port1”
set vdom “root”
set ip 10.106.130.254 255.255.255.0
set allowaccess ping https ssh http
set type physical
set alias “Management”
set snmp-index 1
next
edit “port2”
set vdom “root”
set ip 172.16.29.2 255.255.255.248
set allowaccess ping https ssh fgfm
set type physical
set alias “Local”
set device-identification enable
set snmp-index 2
next

Test-FW1 # diagnose hardware deviceinfo nic
The following NICs are available:
port1
port10
port2
port3
port4
port5
port6
port7
port8
port9

Test-FW1 # diagnose hardware sysinfo memory
total: used: free: shared: buffers: cached: shm:
Mem: 2118496256 724090880 1394405376 0 138346496 253218816 221343744
Swap: 0 0 0
MemTotal: 2068844 kB
MemFree: 1361724 kB
MemShared: 0 kB
Buffers: 135104 kB
Cached: 247284 kB
SwapCached: 0 kB
Active: 248652 kB
Inactive: 133808 kB
HighTotal: 262144 kB
HighFree: 4 kB
LowTotal: 1806700 kB
LowFree: 1361720 kB
SwapTotal: 0 kB
SwapFree: 0 kB

Test-FW1 # get system global
admin-concurrent : enable
admin-console-timeout: 0
admin-https-pki-required: disable
admin-https-redirect: disable
admin-lockout-duration: 60
admin-lockout-threshold: 3
admin-maintainer : enable
admin-port : 12080
admin-scp : disable
admin-server-cert : Fortinet_Factory
admin-sport : 12443
admin-ssh-grace-time: 120
admin-ssh-port : 1222
admin-ssh-v1 : disable
admin-telnet-port : 23
admintimeout : 20
allow-traffic-redirect: enable
anti-replay : strict
auth-cert : self-sign
auth-http-port : 1000
auth-https-port : 1003
auth-keepalive : disable
auth-policy-exact-match: enable
av-failopen : pass
av-failopen-session : disable
batch-cmdb : enable
block-session-timer : 30
cert-chain-max : 8
cfg-save : automatic
check-protocol-header: loose
check-reset-range : disable
clt-cert-req : disable
csr-ca-attribute : enable
daily-restart : disable
dst : enable
endpoint-control-fds-access: enable
endpoint-control-portal-port: 8009
explicit-proxy-auth-timeout: 300
fds-statistics : enable
fgd-alert-subscription: advisory latest-threat
forticlient-reg-port: 8010
gui-antivirus : enable
gui-ap-profile : enable
gui-application-control: enable
gui-central-nat-table: disable
gui-certificates : enable
gui-client-reputation: enable
gui-dlp : enable
gui-dns-database : disable
gui-dynamic-profile-display: disable
gui-dynamic-routing : enable
gui-endpoint-control: enable
gui-explicit-proxy : enable
gui-icap : disable
gui-implicit-policy : enable
gui-ips : enable
gui-ipsec-manual-key: disable

Test-FW1 # get system global | grep time
admin-console-timeout: 0
admin-ssh-grace-time: 120
admintimeout : 20
block-session-timer : 30
explicit-proxy-auth-timeout: 300
ldapconntimeout : 500
login-timestamp : disable
remoteauthtimeout : 5
tcp-halfclose-timer : 120
tcp-halfopen-timer : 10
tcp-timewait-timer : 1
timezone : (GMT+2:00)Athens,Istanbul,Minsk,Sofija
udp-idle-timer : 180

Test-FW1 # get system global | grep -i timer
block-session-timer : 30
tcp-halfclose-timer : 120
tcp-halfopen-timer : 10
tcp-timewait-timer : 1
udp-idle-timer : 180

Test-FW1 # get system session
session System session.
session-helper Configure session helper.
session-helper-info session-helper-info
session-info session-info
session-sync Configure session synchronization.
session-ttl Configure session TTL.

Test-FW1 # get system session-ttl
default : 3600
port:

Test-FW1 # diagnose ip address list
IP=172.16.29.2->172.16.99.2/255.255.255.248 index=9 devname=port2
IP=10.106.130.254->10.106.0.254/255.255.255.0 index=10 devname=port1
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=14 devname=root
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=19 devname=vsys_ha
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=21 devname=vsys_fgfm

Test-FW1 # get system interface physical
== [onboard]
==[port1]
mode: static
ip: 10.106.130.254 255.255.255.0
ipv6: ::/0
status: up
speed: 1000Mbps (Duplex: full)
==[port2]
mode: static
ip: 172.16.29.2 255.255.255.248
ipv6: ::/0
status: up

Test-FW1 # get system interface physical | grep -A5 port1
==[port1]
mode: static
ip: 10.106.130.254 255.255.255.0
ipv6: ::/0
status: up
speed: 1000Mbps (Duplex: full)

Test-FW1 # diagnose ip arp list
index=14 ifname=root 0.0.0.0 00:00:00:00:00:00 state=00000040 use=22717 confirm=28717 update=22717 ref=1
index=12 ifname=port3 10.100.0.14 f8:bc:12:94:f7:18 state=00000004 use=5676 confirm=5180 update=1566 ref=1
index=11 ifname=port4 10.101.0.20 30:d6:c9:46:bf:f1 state=00000004 use=13056 confirm=13056 update=9843 ref=7
index=11 ifname=port4 10.101.0.21 28:6a:ba:72:cc:2f state=00000004 use=7449 confirm=7449 update=4236 ref=6
index=11 ifname=port4 10.101.0.33 74:81:14:4b:fa:c1 state=00000004 use=23376 confirm=26012 update=3587 ref=2
index=11 ifname=port4 10.101.0.49 f8:01:13:03:70:5d state=00000004 use=13622 confirm=13622 update=1556 ref=17
index=11 ifname=port4 10.101.0.53 bc:72:b1:54:43:ad state=00000002 use=2059 confirm=1557 update=1557 ref=13
index=11 ifname=port4 10.101.0.65 84:3a:4b:05:7f:d6 state=00000004 use=32977 confirm=32977 update=2428 ref=4

Test-FW1 # diagnose ip arp list | grep 10.101.0.24
index=11 ifname=port4 10.101.0.243 18:ee:69:72:1f:f6 state=00000004 use=13807 confirm=13807 update=7036 ref=3
index=11 ifname=port4 10.101.0.246 00:1f:3b:15:f0:59 state=00000002 use=1 confirm=1504 update=1504 ref=925
Test-FW1 # get system session status
The total number of sessions for the current VDOM: 3326

Test-FW1 # get system session-info full-stat
session table: table_size=524288 max_depth=3 used=6719
expect session table: table_size=8192 max_depth=0 used=0
misc info: session_count=3295 exp_count=0 clash=71 memory_tension_drop=0 ephemeral=0/114688 removeable=0
delete=0, flush=0, dev_down=0/0
TCP sessions:
628 in ESTABLISHED state
86 in SYN_SENT state
3 in SYN_RECV state
10 in FIN_WAIT state
9 in TIME_WAIT state
38 in CLOSE state
31 in CLOSE_WAIT state
firewall error stat:
error1=00000000
error2=00000000
error3=00000000
error4=00000000
tt=00000000
cont=06a4ef64
ids_recv=22557c95
url_recv=00000000
av_recv=11323971
fqdn_count=00000000
tcp reset stat:
syncqf=5584 acceptqf=0 no-listener=5444 data=0 ses=21 ips=0

Test-FW1 # get system session list
PROTO EXPIRE SOURCE SOURCE-NAT DESTINATION DESTINATION-NAT
udp 38 10.101.0.87:9558 123.123.123.123:9558 113.24.213.207:8687 –
udp 159 10.101.0.87:9558 123.123.123.123:9558 213.5.89.166:9934 –
udp 121 10.102.0.4:43551 123.123.123.123:43551 178.90.31.45:5963 –
udp 147 10.101.0.87:9558 123.123.123.123:9558 12.157.84.254:8518 –
udp 60 10.200.0.59:6881 123.123.123.123:6881 109.17.198.27:6882 –

Test-FW1 # get system arp
Address Age(min) Hardware Addr Interface
10.111.0.20 0 10:d6:c9:46:bf:f1 port4
10.111.0.21 0 22:6a:ba:72:cc:2f port4
10.111.0.33 8 70:81:14:4b:fa:c1 port4
10.111.0.49 0 f8:11:13:03:70:5d port4
10.111.0.53 1 bc:32:b1:54:43:ad port4
10.111.0.65 3 84:4a:4b:05:7f:d6 port4
10.111.0.87 0 7c:75:91:38:b4:45 port4
10.111.0.99 3 90:80:6c:18:29:da port4

Test-FW1 # get router info routing-table static
S* 0.0.0.0/0 [10/0] via 123.123.123.122, port8
S 10.110.0.0/16 [10/0] is directly connected, VPN1-P1
S 10.114.0.0/16 [10/0] is directly connected, VPN2-P1
S 10.150.0.0/24 [10/0] via 172.26.98.1, port5

Test-FW1 # get router info routing-table all
Codes: K – kernel, C – connected, S – static, R – RIP, B – BGP
O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area
* – candidate default

S* 0.0.0.0/0 [10/0] via 123.123.123.122, port8
S 10.110.0.0/16 [10/0] is directly connected, VPN1-P1
S 10.114.0.0/16 [10/0] is directly connected, VPN2-P1
S 10.150.0.0/24 [10/0] via 172.26.98.1, port5

Test-FW1 # show router static
config router static
edit 1
set device “port8”
set gateway 123.123.123.122
next
edit 2
set device “port2”
set dst 10.112.0.0 255.255.255.0
set gateway 172.16.19.1
next
Test-FW1 # get router info kernel
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.134.1/32 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.136.1/32 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.135.10/32 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.134.210/32 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.135.1/32 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.136.10/32 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.136.2/31 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.134.208/31 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.136.8/31 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.135.8/31 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.134.2/31 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=0 type=1 proto=14 prio=10 0.0.0.0/0.0.0.0/0->110.212.135.2/31 pref=0.0.0.0 gwy=0.0.0.0 dev=15(ssl.root)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->123.123.123.122/30 pref=123.123.123.123 gwy=0.0.0.0 dev=7(port8)

Post Views: 3.764

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

One comment

  1. Fortigate Yararlı Komutlar | Tuncay BAŞ, Fortinet UTM Firewall ve PHP, .NET Yazılım Günlüğü dedi ki:
    15 Haziran 2020, 09:20

    […] Kaynak: https://mehmetyeni.com/fortigate-cli-durum-goruntuleme-komutlari/ […]

    Cevapla