Triple Super Secret debugs for Identity Awareness

In the off chance that there are ‘design inconsistencies’ with Identity Awareness, try this. I don’t believe these are published yet so “sssssssshhhhhhhhhhhh……” don’t tell anyone.

################ Debug with pdp tool #####################################

echo “=======> start debug `date` ” >> $FWDIR/log/pdpd.elg
#### PDP debug on
pdp d s all all
#### PDP debug off
pdp debug off
echo “=======> stop debug `date` ” >> $FWDIR/log/pdpd.elg

 

################ Debug with fw ctl debug #####################################

#### turn off any debug
fw ctl debug 0
#### reserve memory of 32K for output
fw ctl debug -buf 32000
##### turn on all flags for Identity Awareness
fw ctl debug -m IDAPI +all
##### send output to screen and to file
fw ctl kdebug -T -f > /tmp/pdp_debug.txt &
##### turn off debug
fw ctl debug 0

 

############## Debug with fw debug #################

# remove debug file
rm /opt/CPsuite-R75.40/fw1/log/pdpd.elg*
# turn on debug
fw debug fwd on TDERROR_ALL_ALL=5
# kill the pdpd, it will auto restart
killall pdpd
# log should be filling up when it auto restarts
# turn off debug
fw debug fwd off TDERROR_ALL_ALL=0
# look at debug info
less /opt/CPsuite-R75.40/fw1/log/pdpd.elg

 

Advertisements
Post a comment or leave a trackback: Trackback URL.

Comments

  • Marco  On March 2, 2015 at 4:00 am

    Thanks god Mike 🙂

  • Chuck  On May 14, 2015 at 10:21 am

    ok, ok, ok. what about R80? you were there at CPX, so what’s the deal. what did you see? what did you like? when!!! those that could not make it need to know.
    thanks.

    • Dreezman  On May 19, 2015 at 11:44 am

      They were playing it close to the vest. I’m guessing they still have gunpowder on their face from R70+ blade/GIA/ThreatPrevention releases so they are doing tons of QA….at least I want to believe that. I played with R80 a bit and it looks as cool as always. No MDS version, but verbally I was told the changes are minimal which is disappointing.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

blog.lachmann.org

Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.

%d bloggers like this: