国产成人v爽在线免播放观看,日韩欧美色,久久99国产精品久久99软件,亚洲综合色网站,国产欧美日韩中文久久,色99在线,亚洲伦理一区二区

學(xué)習(xí)啦 > 學(xué)習(xí)電腦 > 電腦安全 > 防火墻知識 > funiper防火墻日志如何設(shè)置

funiper防火墻日志如何設(shè)置

時間: 林輝766 分享

funiper防火墻日志如何設(shè)置

  juniper防火墻日志怎么樣設(shè)置才最有效,小編來教你!下面由學(xué)習(xí)啦小編給你做出詳細的juniper防火墻日志設(shè)置方法介紹!希望對你有幫助!

  juniper防火墻日志設(shè)置方法一:

  以遠程撥號(xauth)為例:

  netscreen_isg1000-> get event include 120.31.240.98

  Date Time Module Level Type Description

  2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID

  <6c0f2afe>: Completed negotiations

  with SPI <3eab9265>, tunnel ID< 45468>,

  and lifetime <3600> seconds/<0> KB.

  2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID

  < 6c0f2afe>: Responded to the peer's

  first message.

  2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was

  passed for gateway< Test_Gateway>,

  username , retry: 0, Client

  IP Addr<11.2.2.70>, IPPool name:

  < _TEST_POOL>, Session-Timeout:<0s>,

  Idle-Timeout:<0s>.

  2008-09-14 10:57:12 system info 00536 IKE<120.31.240.98>: XAuth login was

  refreshed for username at

  < 11.2.2.70/255.255.255.255>.

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial

  contact notification and removed Phase

  1 SAs.

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed

  Aggressive mode negotiations with a

  < 28800>-second lifetime.

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed

  for user .

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial

  contact notification and removed Phase

  2 SAs.

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a

  notification message for DOI< 1>

  < 24578>< INITIAL-CONTACT>.

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a

  notification message for DOI< 1>

  < 24577>< REPLAY-STATUS>.

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: IKE

  responder has detected NAT in front of

  the remote device.

  2008-09-14 10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder

  starts AGGRESSIVE mode negotiations.

  Total entries matched = 12

  而不要使用以下命令:

  netscreen_isg1000-> get event | in 120.31.240.98

  2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID

  2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID

  2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was

  2008-09-14 10:57:12 system info 00536 IKE<120.31.240.98>: XAuth login was

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a

  2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: IKE

  2008-09-14 10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder

  特別說明:120.31.240.98是發(fā)起方公網(wǎng)IP地址。

  juniper防火墻日志設(shè)置方法二:

  一般用cli查看

  先定義一個traceoption的文件名,和需要記錄的log類型,

  然后再在策略的最后面then的地方加上log記錄屬性。

  然后用命令show log 【你taceoption定義的log名】

  web查看也是需要用命令去定義,然后再在web的system文件夾下面去找這個log文件名,很麻煩

  juniper防火墻日志設(shè)置方法三:

  普通日志show log message

  特殊日志需要定義類型

  SRX 抓包

  debug:跟蹤防火墻對數(shù)據(jù)包的處理過程

  SRX跟蹤報文處理路徑的命令:

  set security flow traceoptions flag basic-datapath 開啟SRX基本報文處理Debug

  set security flow traceoptions file filename.log 將輸出信息記錄到指定文件中

  set security flow traceoptions file filename.log size 設(shè)置該文件大小,缺省128k

  set security flow traceoptions packet-filter filter1 destination-prefix 5.5.5.2 設(shè)置報文跟蹤過濾器

  run file show filename.log 查看該Log輸出信息

  看了“ funiper防火墻日志如何設(shè)置”文章的還看了:

1.360防火墻日志在哪里

2.如何設(shè)置DDOS防火墻各項參數(shù)

3.防火墻配置命令是怎么樣的

4.cisco防火墻怎么樣設(shè)置最好

5.h3c防火墻如何設(shè)置adsl

6.ARP防火墻參數(shù)設(shè)置方法有哪些

781972