Hello all,

 

I would like to write a parser/Qapp for a Fortinet device to capture some packets.

Here a chain of commands is used to achieve a packet sniff.

 

diagnose debug flow filter port 443                             ##Define Filter
diagnose debug flow show function-name enable
diagnose debug flow show iprope enable
diagnose debug flow trace start 20
diagnose debug enable

diagnose debug disable
diagnose debug flow filter clear                                  ## Output start, need to be captured

##cleanup

diagnose debug disable
diagnose debug flow filter clear

The flow must be in the same CLI session (I already tried to use a standalone parser for each step).

On the fortinet box itself it is not possible to chain commands.

Is that possible?

 

 

Hi eschulz,

First, navigate to System settings – Advance settings.

In the “Rules for CLI Command Data Retrieval” section, please add the word “diagnose” as shown below.

Once added, please log out and log in again.

 

Create a Parser to enable the debug using “diagnose debug flow filter port 443||diagnose debug flow show function-name enable||diagnose debug flow show iprope enable||diagnose debug flow trace start 20||diagnose debug enable||diagnose debug disable||diagnose debug flow filter clear” as shown below.

This will execute the commands one by one, as shown in the image.

 

However, it is not recommended to use NetBrain for debug commands for any Vendor.

Let me know if you have any further questions. Will be happy to assist :) 


Thanks, it works 👍, but the SSH timeout is now too short.

Will there be any side effects if I increase the value on the front server?


Hi Eschulz,

Yes, you can increase the SSH timeout value.
By default the value is set to 10, and you can try to increase the value as per requirements.

 

NOTE: You will have to restart the NetBrain Front Server service in services.msc to reflect it.

 

Regards,

Kranthi
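
Once the chained command returns the trace in a single session, the raw text still has to be turned into per-packet records. The following is an added example, not code from this thread, NetBrain or Fortinet: it groups debug flow lines by trace_id and extracts the policy verdict for each traced packet. The sample output is constructed in the usual FortiOS debug flow layout (an assumption, since the thread shows no output), the name parse_flow is hypothetical, and only IPv4 packets are handled.

```python
import re
from collections import OrderedDict

# Constructed sample in the usual FortiOS "debug flow" layout (assumption, not from the thread).
SAMPLE = '''\
id=20085 trace_id=1 func=print_pkt_detail line=5639 msg="vd-root:0 received a packet(proto=6, 192.0.2.10:51234->198.51.100.5:443) from port2. flag [S], seq 1000, ack 0, win 64240"
id=20085 trace_id=1 func=init_ip_session_common line=5810 msg="allocate a new session-0001a2b3"
id=20085 trace_id=1 func=fw_forward_handler line=796 msg="Allowed by Policy-5: SNAT"
id=20085 trace_id=2 func=print_pkt_detail line=5639 msg="vd-root:0 received a packet(proto=6, 192.0.2.77:40000->198.51.100.9:443) from port2. flag [S], seq 2000, ack 0, win 64240"
id=20085 trace_id=2 func=fw_forward_handler line=640 msg="Denied by forward policy check (policy 0)"
diagnose debug disable
'''

LINE = re.compile(r'^id=\d+ trace_id=(?P<tid>\d+) func=(?P<func>\S+) line=\d+ msg="(?P<msg>.*)"\s*$')
PKT = re.compile(r'received a packet\(proto=(?P<proto>\d+), (?P<src>[^\s:]+):(?P<sport>\d+)'
                 r'->(?P<dst>[^\s:]+):(?P<dport>\d+)\) from (?P<iface>\S+)\. flag')
ALLOW = re.compile(r'Allowed by Policy-(\d+)')
DENY = re.compile(r'Denied by .*?\(policy (\d+)\)')

def parse_flow(text):
    """Group debug flow lines by trace_id; return one summary dict per traced packet."""
    traces = OrderedDict()
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # echoed commands, prompts and blank lines are skipped
            continue
        tid = int(m['tid'])
        t = traces.setdefault(tid, {'trace_id': tid, 'verdict': 'unknown',
                                    'policy': None, 'funcs': []})
        t['funcs'].append(m['func'])  # call path, from "show function-name enable"
        msg = m['msg']
        if (p := PKT.search(msg)):
            t.update(proto=int(p['proto']), src=p['src'], sport=int(p['sport']),
                     dst=p['dst'], dport=int(p['dport']), iface=p['iface'])
        if (a := ALLOW.search(msg)):
            t['verdict'], t['policy'] = 'allowed', int(a[1])
        elif (d := DENY.search(msg)):
            t['verdict'], t['policy'] = 'denied', int(d[1])
    return list(traces.values())

if __name__ == '__main__':
    for t in parse_flow(SAMPLE):
        print(t['trace_id'], t.get('src'), '->', t.get('dst'), t.get('dport'),
              t['verdict'], 'policy', t['policy'])
```

A trace whose verdict stays `unknown` usually means the capture ended before the forwarding decision was logged, which is worth checking against the SSH timeout discussed above.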

