|
 |
Overview of FWLoggqry - command-line utility for log searches
This Knowledge Base article applies to:
Clavister FWLoggqry 1.01.04 for Clavister Firewall
|
This is the usage guide for the Clavister FWLogqry utility. This utility was designed with the goal of making it easier to search in the log files generated by Clavister Firewall 8 from the command line.
Topics covered in this document
Log directory management
HUR FUNKAR DETTA?
Under windows, FWCtl will use the same datasource settings that the Firewall
Manager uses. These settings are stored in the registry, under HKEY_CURRENT_USER.
Under unix, FWCtl stores these settings in ~/.fwctlrc.
--setrootdir (-s) - Set the default root directory where FWLogQry looks for log files
Syntax: --setrootdir "<directory>"
Example: fwlogqry --setrootdir "c:\path\to\my\fwlogger"
Note that setrootdir does not verify that the given directy actually contains
logfiles; only that it exists.
|
--userootdir (-r) - Use the specified root directory to look for log files
Syntax: --userootdir "<directory>"
Example: fwlogqry --userootdir "c:\path\to\my\fwlogger"
|
Delimiters
--delimiter (-d) - Set the delimiter used when outputting the data
Syntax: --delimiter <del>
Examples:
fwlogqry -console mygw
Attaches to the firewall console, just like in the Firewall Manager.
Note: This option is ignored if the output is binary.
|
--addenddelimiter (-a) - Should an ending delimiter be added
Syntax: --addenddelimiter
Examples:
fwlogqry -rtlog mygw
Displays the real-time log. Abort by hitting [Esc] or Ctrl+C.
Note: This option is ignored if the --delimiters option is not used.
|
File upload/download
-cfgupload - Upload a configuration file to the firewall
Syntax: -cfgupload [-cfgversion <version> | -file <file>] <firewall>
Examples:
fwctl -cfgupload mygw
Upload the most recent configuration stored in the management datasource.
fwctl -cfgupload -cfgversion 123 mygw
Upload version 123 from the management source.
fwctl -cfgupload -file x:\path\to\config.txt mygw
Upload the contents of the given file.
Note that the configuration is only uploaded, not activated.
A complete configuration upload procedure:
fwctl -cfgupload mygw
fwctl -reconfigure mygw
|
-cfgdownload - Download the configuration file from the firewall
Syntax: -cfgdownload [-user <username> | -file <file>] <firewall>
Examples:
fwctl -cfgdownload mygw
Downloads the configuration and stores it in the management datasource.
fwctl -cfgdownload -file x:\path\to\mycfgfile.txt
Puts the downloaded configuration in a separate file, rather than
storing it in the management datasource.
|
-coreupload - Upload a new firewall core to the firewall
Syntax: -coreupload <core file> <firewall>
Examples:
fwctl -coreupload x:\path\to\fwcore703.exe mygw
fwctl -restart -nobidir mygw
fwctl -cfgupload mygw
fwctl -coreupload x:\path\to\fwcore703.exe mygw
fwctl -restart mygw
|
-fileupload - Upload an arbitrary file to the firewall
Syntax: -fileupload "<source>" "<destination>" <firewall>
Example: fwctl -fileupload x:\path\to\file.txt file.txt mygw
Note that, while it is possible to do so, it is not recommended to upload
"fwcore.cfg" nor "fwcore.exe" this way. For these files, "-cfgupload"
and "-coreupload", respectively, are the recommended methods.
|
Getting started
This small guide assumes that fwctl is already downloaded, and
perhaps also added to your system path.
You may need to attach to the datasources you want to work with.
If you are using fwctl on the computer where you use Firewall Manager,
you can likely skip this step; fwctl uses the same datasource settings
that the Firewall Manager does.
fwctl -adddsn mydsn "c:\Program Files\Clavister\Firewall Manager\Default"
Use "-list" to see the list of firewalls available in your DSNs.
fwctl -list
Name IP Address Status Core DSN Mod
mygw 192.168.0.1 ACTIVE 7.03.00 mydsn VPN
At this point, you'll be able to use all the
basic communications commands like ping, console, etc.
|
