When webproxy is used, the session table entry reflects the client-side session.
However, the policy ID is shown as 0 in the session table, and it does not appear in the "debug flow" output either.
When traffic logging is enabled on the webproxy policy, the ID of the matching policy appears in the logs.
1. Enable Logging in Policy
Enable traffic logging:
config firewall explicit-proxy-policy
    edit 1
        set proxy web
        set dstintf "any"
        set srcaddr "all"
        set dstaddr "all"
        set service "webproxy"
        set action accept
        set schedule "always"
        set logtraffic all
    next
end
2. Topology
Client (172.77.97.125) – FortiGate (172.77.97.129) – Server (207.46.15.253)
3. Session Table
The session table entry is between the client (172.77.97.125) and the FortiGate (172.77.97.129).
Note: the destination port is 8080.
session info: proto=6 proto_state=01 duration=191 expire=3574 timeout=3600 flags=00000000 sockflag=00000000
…
orgin->sink: org pre->in, reply out->post dev=3->13/13->3 gwy=172.77.97.129/0.0.0.0
hook=pre dir=org act=noop 172.77.97.125:50889->172.77.97.129:8080(0.0.0.0:0)
hook=post dir=reply act=noop 172.77.97.129:8080->172.77.97.125:50889(0.0.0.0:0)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=0 auth_info=0 chk_client_info=0 vd=0
…
4. Traffic Log
When traffic logging is enabled for the webproxy policy:
1: date=2015-03-31 time=21:54:41 logid=0000000010 type=traffic subtype=forward level=notice vd=root srcip=172.77.97.125 srcport=50797 srcintf="root.b" dstip=207.46.15.253 dstport=443 dstintf="root.b" sessionid=604204290 dstcountry="United States" srccountry="Reserved" service=HTTPS wanoptapptype=web-proxy proto=0 duration=0 policyid=1 wanin=5802 rcvdbyte=5802 wanout=1637 lanin=1809 sentbyte=1809 lanout=5874
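The lookup described above, as an added example rather than code from the original post: it finds session-table entries with policy_id=0 and recovers the proxy policy ID from traffic log lines tagged wanoptapptype=web-proxy. The sample input is abridged from the output above; matching on the client source IP alone is an assumption made here, since the session and log entries shown use different source ports.

```python
import re
import shlex

# Sample input abridged from the session table and traffic log shown above.
SESSION_DUMP = """\
session info: proto=6 proto_state=01 duration=191 expire=3574 timeout=3600
hook=pre dir=org act=noop 172.77.97.125:50889->172.77.97.129:8080(0.0.0.0:0)
hook=post dir=reply act=noop 172.77.97.129:8080->172.77.97.125:50889(0.0.0.0:0)
misc=0 policy_id=0 auth_info=0 chk_client_info=0 vd=0
"""
TRAFFIC_LOG = ('1: date=2015-03-31 time=21:54:41 type=traffic subtype=forward '
               'srcip=172.77.97.125 srcport=50797 dstip=207.46.15.253 dstport=443 '
               'dstcountry="United States" service=HTTPS '
               'wanoptapptype=web-proxy policyid=1')

ORG_RE = re.compile(r"hook=pre dir=org \S+ ([\d.]+):(\d+)->([\d.]+):(\d+)\(")
POLICY_RE = re.compile(r"\bpolicy_id=(\d+)")

def parse_sessions(dump):
    """Yield one dict per 'session info:' block of a session-table dump."""
    for block in dump.split("session info:")[1:]:
        org, pol = ORG_RE.search(block), POLICY_RE.search(block)
        if org and pol:
            src, sport, dst, dport = org.groups()
            yield {"src": src, "sport": int(sport), "dst": dst,
                   "dport": int(dport), "policy_id": int(pol.group(1))}

def parse_log(line):
    """Parse one key=value traffic log line; quoted values may contain spaces."""
    pairs = (tok.partition("=") for tok in shlex.split(line))
    return {k: v for k, sep, v in pairs if sep}

def resolve_proxy_policies(dump, log_text):
    """Map each policy_id=0 session to the proxy policy IDs logged for its client."""
    logs = [parse_log(l) for l in log_text.splitlines() if l.strip()]
    result = {}
    for s in parse_sessions(dump):
        if s["policy_id"] != 0:
            continue  # ordinary session: the table already names the policy
        ids = sorted({int(e["policyid"]) for e in logs
                      if e.get("srcip") == s["src"]
                      and e.get("wanoptapptype") == "web-proxy"
                      and "policyid" in e})
        result[(s["src"], s["sport"], s["dport"])] = ids
    return result

if __name__ == "__main__":
    print(resolve_proxy_policies(SESSION_DUMP, TRAFFIC_LOG))
```

An empty list for a session means no web-proxy traffic log was found for that client, which is what you get when logtraffic is not enabled on the proxy policy.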