To enable debugging and generate the CDT:
- Connect to IWSVA via SSH as the "root" user.
- Activate the debug mode:
- Open the /var/iwss/intscan.ini file using a text editor.
- Look for the following entry:
[http]
#Switch for debug log
# 1 -> turn on
# 0 -> turn off
verbose=0 - Change the verbose line to "1" so that the entry should look like:
[http]
#Switch for debug log
# 1 -> turn on
# 0 -> turn off
verbose=1
Note: If you need to do the same for FTP, look for the same section for this protocol, which starts with [ftp] and provide the same option to turn on verbose mode.
- Restart IWSS deamon by using the following commands:
/var/iwss/S99ISproxy stop
/var/iwss/S99ISproxy startFor FTP, replace S99S99ISproxy with S99ISftp in the command above. - From the shell, capture network traffic using the following command where ddmmyy is for the date of the capture.
# tcpdump -s0 -i eth0 -w /tmp/iwsva_debug_ddmmyy.pcap
- Stop capturing the network traffic from the appliance and save the files by pressing CTRL + C. This will save the .pcap file created in point 3 as described above (i.e. /tmp/iwsva_debug_ddmmyy.pcap).
- Launch the CDT using by running the following command:
# su iscan -c "/var/iwss/CDT_IWSS.sh -d /var/iwss/UserDumps"
-
Check the CDT output saved in the folder /var/iwss/UserDumps. The file format will appear as: Info_<date>_<Timestamp>.tar.gz.
To get the file, connect to IWSVA using WinSCP over SCP protocol. Use the root account. - Revert the change made by disabling the verbose logging level:
- Open the /var/iwss/intscan.ini file using a text editor.
- Look for the following entry:
[http]
#Switch for debug log
# 1 -> turn on
# 0 -> turn off
verbose=1 - Change the verbose line to "0" so that the entry should look like:
[http]
#Switch for debug log
# 1 -> turn on
# 0 -> turn off
verbose=0
- Restart IWSS deamon using the following commands:
/var/iwss/S99ISproxy stop
/var/iwss/S99ISproxy startFor FTP, replace S99S99ISproxy with S99ISftp in the command above.