作者: reistlin
来源: http://www.reistlin.com/blog/73
更新时间: 2010.12
版权声明: 原创文章.转载请保留作者信息和原文完整.谢绝任何方式的摘要

checkpoint.pngnokia.png

1,收集 Nokia IPSO & CheckPoint NG/NGX 详细信息(Debug):cst

nokia[admin]# setenv CPINFO_NO_FW_LOG=1
nokia[admin]# cst

2,收集 Nokia IPSO & CheckPoint NG/NGX 详细信息(Debug):cpinfo

nokia[admin]# cpinfo

3,查看 Kernel 版本,HotFix 信息:fw ver

nokia[admin]# uname -a
nokia[admin]# fw ver

4,查看 CPU,系统负载,运行时间:BSD 系统命令

nokia[admin]# vmstat 3
nokia[admin]# uptime

5,查看防火墙网络层状态(内核,物理内存,连接数,NAT,Sync):fw ctl pstat

nokia[admin]# fw ctl pstat

Machine Capacity Summary:
  Memory used: 6% (23MB out of 339MB) - below low watermark
  Concurrent Connections: 0% (196 out of 49900) - below low watermark
  Aggressive Aging is not active

Hash kernel memory (hmem) statistics:
  Total memory allocated: 20971520 bytes in 5119 4KB blocks using 1 pool
  Total memory bytes  used:  2374976   unused: 18596544 (88.68%)   peak:  3848892
  Total memory blocks used:      771   unused:     4348 (84%)   peak:     1102
  Allocations: 5804997 alloc, 0 failed alloc, 5782865 free

System kernel memory (smem) statistics:
  Total memory  bytes  used: 40497232   peak: 48699228
    Blocking  memory  bytes   used:   171632   peak:   223252
    Non-Blocking memory bytes used: 40325600   peak: 48475976
  Allocations: 2966 alloc, 0 failed alloc, 2476 free, 0 failed free

Kernel memory (kmem) statistics:
  Total memory  bytes  used: 21877260   peak: 31241588
        Allocations: 5807949 alloc, 0 failed alloc, 5785328 free, 0 failed free
        External Allocations: 0 for packets, 0 for SXL

Kernel stacks:
        0 bytes total, 0 bytes stack size, 0 stacks,
        0 peak used, 0 max stack bytes used, 0 min stack bytes used,
        0 failed stack calls

INSPECT:
        564175 packets, 317904596 operations, 4328527 lookups,
        0 record, 107186100 extract

Cookies:
        14813515 total, 0 alloc, 0 free,
        8886 dup, 150792106 get, 28565360 put,
        36234010 len, 4 cached len, 0 chain alloc,
        0 chain free

Connections:
        168773 total, 64272 TCP, 99070 UDP, 5431 ICMP,
        0 other, 1 anticipated, 221 recovered, 196 concurrent,
        804 peak concurrent

Fragments:
        4 fragments, 2 packets, 0 expired, 0 short,
        0 large, 0 duplicates, 0 failures

NAT:
        3171877/0 forw, 3945063/0 bckw, 7088715 tcpudp,
        28225 icmp, 252116-117455 alloc

Sync: off

6,查看防火墙活动连接数(网络并发连接数):fw tab -t connections -s

nokia[admin]# fw tab -t connections -s

HOST                  NAME                               ID #VALS #PEAK #SLINKS
localhost             connections                      8158   228   804     823

标签: checkpoint, nokia