12/7/2023 0 Comments Sophos home utm shell accessYou will have to look at the differences between the lines to figure out how many IO’s you’re getting in those 5 seconds, and whether you’re saturating the disk or not. Vmstat -d | head -2 vmstat -d 5 | grep hda We recommend the following commands to find the offending directories: du will tell you what files/folders are using the most space.df will only tell you how full the disk is.Warning: it doesn’t cause a complete reboot, but it does cause an HA failover, interruption of any up/downloads and VoIP calls, etc. Saving Snapshots of TOP automatically every half hourĬreate a cron job that contains the following command:Ĭreate an entry for each CPU core, and possibly another if the CPU(s) has hyperthreading: Less /proc/net/ip_conntrack | grep WAIT | wc –l Number of connections with status WAIT (close_wait) Less /proc/net/ip_conntrack | grep ESTA | wc -l Sysctl -w _conntrack_tcp_timeout_establ ished=86400 The peak and accumulative traffic is also displayed. One can see the traffic live on an interface for Source Host, Destination Host, and Ports. Sophos UTM also offers the command iftop to see the live traffic and traffic statistics. In case it is not obvious, all the start scripts are in /var/mdw/scripts/ View the link speed for the ASG’s interfaces? Websurfing will be extremely slow until the database has downloaded and been put into place. Restart the http proxy by using: /var/mdw/scripts/httpproxy restart.cc set http sc_local_db (Choose what you prefer, the best is to redirect to RAM using mem, but only for RAM > 1GB).Connect through ssh to ASG and login with loginuser.To view automatic firewall rules from command line:Ĭlear Buffer Memory ( Useful for any Linux)įree -k sync echo 3 > /proc/sys/vm/drop_caches free -k Tail -f /var/log/afc.log | Īnd now the log has the text label added to the end of the log line: However, Sophos includes a handy tool to make watching your logs in realtime easier. On version 9.312, this lookup file can be found at: sub=”packetfilter” name=”AFC Alert” action=”log” fwrule=”2″ outitf=”eth1″ mark=”0x307f” app=”127″.Īpplication Flow Control uses a lookup file to translate the app number to a text name. The application control log only lists the application ID. The following are useful command line procedures for the Sophos UTM platform. To totally unlock this section you need to Log-in
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |