国产宅男网站在线|亚洲A级性爱免费视频|亚洲中精品级在线|午夜福利AA毛

  • 

    <dd id="gf5jf"><th id="gf5jf"></th></dd>
    

    <cite id="gf5jf"><label id="gf5jf"></label></cite>
    • <div id="gf5jf"><listing id="gf5jf"></listing></div>
    
	
    
		
    
				
			
		
    
	
    
	
    
		
    			
			
			學(xué)習(xí)啦 > 學(xué)習(xí)電腦 > 電腦安全 > 防火墻知識(shí) >  funiper防火墻日志如何設(shè)置
		
    
		
    
			
    
				
    
					
    
						
    funiper防火墻日志如何設(shè)置
    
						
    
							
    
								時(shí)間:
								林輝766 分享
								
							
    						
						
    
					
    
					
    

					
    
					
    funiper防火墻日志如何設(shè)置
       juniper防火墻日志怎么樣設(shè)置才最有效,小編來(lái)教你!下面由學(xué)習(xí)啦小編給你做出詳細(xì)的juniper防火墻日志設(shè)置方法介紹!希望對(duì)你有幫助!
      juniper防火墻日志設(shè)置方法一:
       以遠(yuǎn)程撥號(hào)(xauth)為例:
       netscreen_isg1000-> get event include 120.31.240.98
       Date Time Module Level Type Description
       2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
       <6c0f2afe>: Completed negotiations
       with SPI <3eab9265>, tunnel ID< 45468>,
       and lifetime <3600> seconds/<0> KB.
       2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
       < 6c0f2afe>: Responded to the peer's
       first message.
       2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was
       passed for gateway< Test_Gateway>,
       username , retry: 0, Client
       IP Addr<11.2.2.70>, IPPool name:
       < _TEST_POOL>, Session-Timeout:<0s>,
       Idle-Timeout:<0s>.
       2008-09-14 10:57:12 system info 00536 IKE<120.31.240.98>: XAuth login was
       refreshed for username at
       < 11.2.2.70/255.255.255.255>.
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
       contact notification and removed Phase
       1 SAs.
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
       Aggressive mode negotiations with a
       < 28800>-second lifetime.
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
       for user .
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
       contact notification and removed Phase
       2 SAs.
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
       notification message for DOI< 1>
       < 24578>< INITIAL-CONTACT>.
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
       notification message for DOI< 1>
       < 24577>< REPLAY-STATUS>.
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: IKE
       responder has detected NAT in front of
       the remote device.
       2008-09-14 10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder
       starts AGGRESSIVE mode negotiations.
       Total entries matched = 12
       而不要使用以下命令:
       netscreen_isg1000-> get event | in 120.31.240.98
       2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
       2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98> Phase 2 msg ID
       2008-09-14 10:57:13 system info 00536 IKE<120.31.240.98>: XAuth login was
       2008-09-14 10:57:12 system info 00536 IKE<120.31.240.98>: XAuth login was
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: Completed
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received initial
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98>: Received a
       2008-09-14 10:57:09 system info 00536 IKE<120.31.240.98> Phase 1: IKE
       2008-09-14 10:57:08 system info 00536 IKE<120.31.240.98> Phase 1: Responder
       特別說(shuō)明:120.31.240.98是發(fā)起方公網(wǎng)IP地址。
      juniper防火墻日志設(shè)置方法二:
       一般用cli查看
       先定義一個(gè)traceoption的文件名,和需要記錄的log類型,
       然后再在策略的最后面then的地方加上log記錄屬性。
       然后用命令show log 【你taceoption定義的log名】
       web查看也是需要用命令去定義,然后再在web的system文件夾下面去找這個(gè)log文件名,很麻煩
      juniper防火墻日志設(shè)置方法三:
       普通日志show log message
       特殊日志需要定義類型
       SRX 抓包
       debug:跟蹤防火墻對(duì)數(shù)據(jù)包的處理過(guò)程
       SRX跟蹤報(bào)文處理路徑的命令:
       set security flow traceoptions flag basic-datapath 開(kāi)啟SRX基本報(bào)文處理Debug
       set security flow traceoptions file filename.log 將輸出信息記錄到指定文件中
       set security flow traceoptions file filename.log size 設(shè)置該文件大小,缺省128k
       set security flow traceoptions packet-filter filter1 destination-prefix 5.5.5.2 設(shè)置報(bào)文跟蹤過(guò)濾器
       run file show filename.log 查看該Log輸出信息
       看了“ funiper防火墻日志如何設(shè)置”文章的還看了:
     1.360防火墻日志在哪里
     2.如何設(shè)置DDOS防火墻各項(xiàng)參數(shù)
     3.防火墻配置命令是怎么樣的
     4.cisco防火墻怎么樣設(shè)置最好
     5.h3c防火墻如何設(shè)置adsl
     6.ARP防火墻參數(shù)設(shè)置方法有哪些
     
					
    
					
    
					
    
						
      
							
							
      
						
    
					
    		
				
    
				
				
    
			
    
			
			
    
		
    
	
    
	



	
    	
	781972