Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Appliances Command Line Interface > Diagnose
Diagnose
CLI Guide | Forcepoint Appliances | v8.5.x
arp
Display the kernel ARP table for the selected module.
arp [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
module
(Optional) Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
Examples
(diagnose)# arp --module web
Command history
 
Release
Modification
8.3
This command was modified. Previous commands for V Series appliances:
debug-util controller
debug-util email
debug-util na
debug-util proxy
debug-util web
email-shell_debug_mode
Run selected debug modes on this appliance.
email-shell_debug_mode --expression "<expressions>"
[--location <filestore_alias> | --url <url>] [--auth-required]
 
Parameter
Description
expression
Expression must be in double quotation marks. Separate multiple entries with a comma.
location
(Optional) Remote storage location defined by the "set filestore" command.
url
(Optional) The URL of the storage location. Format: <url type>://<user>@<ip or hostname>/<filepath>
auth-required
(Optional) Used with URL option to specify that a password is needed.
Usage guidelines
Email only.
Press Ctrl+C to end the debug.
Examples
(diagnose)# email-shell_debug_module
--expression "filter event all" --location liftp
ethtool
Display the current Ethernet card settings. Use ethtool to verify local network connectivity.
ethtool --interface <interface> [--show-offload] [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
interface
The interface name. Use the ifconfig command to see valid interface options.
show-offload
(Optional) Show the state of the protocol offload and other features.
module
(Optional) Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
Examples
(diagnose)# ethtool --interface p1
Command history
 
Release
Modification
8.3
This command was modified. Previous commands for V Series appliances:
debug-util controller
debug-util email
debug-util na
debug-util proxy
debug-util web
ifconfig
Display the status of the currently active network interfaces. Use ifconfig to troubleshoot network interface issues or to identify IP issues.
ifconfig [--interface <interface>][--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
interface
(Optional) Any existing interface.
module
(Optional) Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
Examples
(diagnose)# ifconfig --interface e1
Command history
 
Release
Modification
8.3
This command was modified. Previous commands for V Series appliances:
debug-util controller
debug-util email
debug-util na
debug-util proxy
debug-util web
nc
Netcat (nc) attempts to read and write data across the network to the specified server using the specified protocol.
Use netcat for functional tests of components and verification of connectivity.
nc --protocol <tcp|udp> --dest <ipv4_address|hostname>
--port <port_number> --module [<email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
protocol
Uses the TCP or UDP protocol to read and write data.
dest
The IPv4 address or hostname of the server.
port
Port number of the server.
module
Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
If you are having problems loading a web page or are getting a block, this command can help determine the problem.
If you see a reset coming from the proxy, you can determine which DOM/module it is coming from.
Examples
(diagnose)# nc --protocol tcp --dest 10.10.10.10 --port 22
--module email
Command history
 
Release
Modification
8.3
This command was modified. Previous commands for V Series appliances:
debug-util controller
debug-util email
debug-util na
debug-util proxy
debug-util web
netstat
Print network connections routing tables, interface statistics, and so on.
netstat [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
module
(Optional) Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
Examples
(diagnose)# netstat --module web
Related commands
 
Command
Description
 
 
 
 
nslookup
Obtain DNS information for the specified host. Use nslookup to troubleshoot DNS resolution problems.
nslookup --host <ipv4_address|hostname> [--dns-server <ipv4_address|hostname>] [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
host
The IPv4 address or hostname to be resolved.
dns-server
(Optional) The IPv4 address or hostname of the DNS server.
module
(Optional) Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
Examples
(diagnose)# nslookup --host 10.10.10.10 --dns-server 20.20.20.20 --module proxy
ping/ping6
Verify that a hostname or IP address exists and can accept requests from the selected module, and that DNS is resolving.
Use ping and ping6 to test connectivity with the specified hostname or IP address.
ping [--interface <c|n|p1|p2|e1|e2>] --dest <ipv4_addr|hostname> [--module <email|proxy|web|network-agent|analytics-engine>]
ping6 [--interface <c|n|p1|p2|e1|e2>] --dest <ipv6_addr|hostname>[--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
dest
The IPv4 (ping) or IPv6 (ping6) IP address or hostname with which to test connectivity.
interface
(Optional) The appliance interface. All valid interfaces can be usd including virtual interfaces.
module
(Optional) If interface C, N, P1, P2, E1, or E2 is chosen, it will be converted to the virtual interface and a message explaining this will be output.
Usage guidelines
All products.
Use Ctrl+C to quit.
Examples
(diagnose)# ping --dest 10.10.10.10 --module proxy
--interface eth0
route/route6
Display the contents of the selected module's kernel IP routing table entries in numeric format. Use route and route6 in complex network environments to see if the environment is set up properly.
route [--module <email|proxy|web|network-agent|analytics-engine>]
 
route6[--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
module
(Optional) Enter email, proxy, web, network-agent, or analytics-engine.
Usage guidelines
All products.
Examples
(diagnose)# route --module network-agent
tcpdump
Display information about packets from the specified network interface, for packets matching the specified Boolean expression.
Use tcpdump to determine whether all routing is occurring properly, to and from the interface.
tcpdump --timeout <timeout value> [--file <filename>] [--interface <interface>] [--expression <filter expression>] [--location <filestore_alias>] [--url <storage_url>] [--auth-required]
 
Parameter
Description
timeout
The amount of time (in seconds) to run tcpdump before outputting results.
file
(Optional) Name of the tcpdump packet capture file located in the filestore.
interface
(Optional) The existing interface on which to capture. For example, C, P1, eth0, wcg.eth0.
expression
(Optional) A Boolean expression used to select the packets of interest.
location
(Optional) Save the output file to a filestore.
url
(Optional) The URL to which the tcpdump will be saved, if adding from a URL rather than from a filestore. Format: <url type>://<user>@<ip or hostname>/<filepath>
auth-required
(Optional) Use with the url parameter to specify whether a password is needed.
Usage guidelines
All products.
URL parameter examples
To capture all TCP traffic to and from the proxy on port 8080, specify:
"tcp port 8080"
To capture all TCP traffic to the site google.com, specify:
"tcp and dst host google.com"
To capture all TCP traffic from a specific end-user machine, specify:
"tcp and src host user.example.com"
You can enter a hostname if it is resolvable by a DNS server, but the output uses IP addresses.
Examples
(diagnose)# tcpdump --timeout 5 --interface eth0
top
Display all Linux processes that are currently running in the selected module. Use top to help diagnose CPU and memory issues.
(diagnose)# top [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
module
(Optional) The appliance module.
Usage guidelines
All products.
Examples
(diagnose)# top --module proxy
traceroute/traceroute6
Display the route used by packets to reach the specified destination.
traceroute --dest <ipv4_address|hostname> [--module <email|proxy|web|network-agent|analytics-engine>]
 
traceroute6 --dest <ipv6_addr|hostname>[--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
dest
The destination (enter an IP address or a host name).
module
The appliance module (email, proxy, web, network-agent, or analytics-engine).
Usage guidelines
All products.
If some machines are not receiving policy enforcement, or if traffic is not getting to the appliance, this displays the devices (or hops) that are between the machines that may be blocking access to the host. Use tcpdump to get a packet capture from each device. If you are having latency issues, traceroute can also help identify potential causes. Note: Traceroute is of limited usefulness if an IP address is being spoofed.
Examples
(diagnose)# traceroute --dest www.mywebsite.com
--module proxy
 
(diagnose)# traceroute6 --dest 1234:5678::8765::4321
--module email
wget
Test connectivity with the specified URL (file download not supported).
wget --url <url> [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
url
The URL to which to test connectivity.
module
The appliance module.
Usage guidelines
Supports non-interactive download of web pages to help diagnose connectivity issues.
Use wget, for example, if you have configured the proxy, but cannot access the Web. wget simulates the proxy going out and retrieving content at the specified URL.
This command supports HTTP, HTTPS, and FTP.
Examples
(diagnose)# wget --module email --url www.mywebsite.net
wget-proxy
Test connectivity between the specified URL and the proxy (file download not supported).
wget-proxy --url <url> --proxy-ip <proxy_ip> --port <port>
[--proxy-user <user_name>] [--module <email|proxy|web|network-agent|analytics-engine>]
 
Parameter
Description
url
The URL of the website to which you want to test connectivity.
proxy-ip
The proxy IP address. This is the IP address of the P1 interface on most appliance configurations.
port
The port on which the proxy expects traffic. 8080 is configured for HTTP by default.
proxy-user
(Optional) The user name of the client, if required for authentication.
module
(Optional) The appliance module.
Usage guidelines
All products.
Examples
(diagnose)# wget-proxy --module web --port 8080 --proxy-ip 10.206.4.47 --url www.google.com --proxy-user myuser
"Get" commands
get debugging
Get the module's logging level status.
get debugging --module <proxy|email|web|network-agent>
--command <status>
 
Parameter
Description
command
status
module
Choose email, proxy, network-agent, or web
Usage guidelines
All products.
The only value for the --command parameter is "status"
Examples
(diagnose)# get debugging --module proxy --command status
get proxy content_line
Run the Content Gateway Content Line command.
get proxy content_line
Usage guidelines
Content Gateway only.
Examples
(diagnose)# get proxy content_line
get proxy network_check
Runs a network check against the Proxy.
get proxy network_check
Usage guidelines
Content Gateway only.
Examples
(diagnose)# get proxy network_check
get proxy policy_engine
Display the status of the Content Gateway instance of Policy Engine.
get proxy policy_engine
Usage guidelines
Content Gateway only.
Examples
(diagnose)# get proxy policy_engine
get proxy print_bypass
Prints the Proxy's bypass entries.
get proxy print_bypass
Usage guidelines
Content Gateway only.
Examples
(diagnose)# get proxy print_bypass
get web cache_users
Retrieves the status of caching of users.
get web cache_users
Usage guidelines
Web only.
Examples
(diagnose)# get web cache_users
get web policy_broker
Retrieves information from the Policy Broker.
get web policy_broker
Usage guidelines
Web only.
Examples
(diagnose)# get web policy_broker
get web usr_grp_ip_prec
Retrieves the status of User Group IP Precedence.
get web usr_grp_ip_prec
Usage guidelines
Web only.
Examples
(diagnose)# get web usr_grp_ip_prec
get email dig_output
Run the DIG command.
get email dig_output --entry <ip_address|domain name>
--type <mx|txt|x>
 
Parameter
Description
entry
Location to run DIG against.
type
Option to be passed to.
Usage guidelines
Email only.
Examples
(diagnose)# get email dig_output --entry 10.206.6.13
--type mx
get email log
Retrieve the specified log file.
get email log --alias <filestore alias> --file <filename>
 
Parameter
Description
alias
Filestore location for the file.
file
Name of the file to download.
Usage guidelines
Email only.
Examples
(diagnose)# get email log --alias liftp --file maillog
get email log_list
Retrieve the list of log files that can be downloaded to a filestore.
get email log_list
Usage guidelines
Email only.
Examples
(diagnose)# get email log_list
get email pem
Download the PEM files to a filestore.
get email pem --alias <filestore alias>
 
Parameter
Description
alias
Filestore location for the file.
Usage guidelines
Email only.
Examples
(diagnose)# get email pem --alias liftp

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Appliances Command Line Interface > Diagnose
Copyright 2020 Forcepoint. All rights reserved.