A few problems...

Recently I decided to go ahead and upgrade Drupal as I had been lagging behind on some security updates. I performed all the necessary backups and such but, unfortunately, ran into issues with the restoring of the database.

And you might have seen the result. Packetbin was down. I could access the administration console but couldn't actually correct the errors that were causing the issues. I had been considering moving away from Drupal anyway and this sort of forced my hand.

So why move away from Drupal? While it's quite powerful with many extensions, it's a bit on the complicated side for what I'm doing here with packetbin. As such, something a bit simpler like Grav CMS makes a bit more sense. It's a lot simpler, using flat files and seems to run well.

It's worth noting the old links you may have may be broken and there's an issue with styling with some of the project pages. I'll be working to solve all these issues eventually.

Anyway... Let's hope we don't see this sort of issue again in the future.

-- Ryan Reed

[ # ]

cpstat fw -f policy       !! Similar to 'fw stat' but with more information

Notes:

  • This provides connection counts, current policy name, last policy install time, interface based stats (such as accepted packets, drops, etc)

[ # ]

failover exec mate <command>

Documentation

[ # ]

The following command will allow you to view CPU statistics, memory usage, hard drive usage, throughput, etc in real time through the firewall or management server

This command was added in R77. Older versions do not have this ability.

cpview

To start the cpviewd process:

cpwd_admin start -name CPVIEWD -path "$FWDIR/bin/cpviewd" -command "cpviewd"

To stop the cpviewd process

cpwd_admin stop -name CPVIEWD

Documentation

[ # ]

cpstat mg

[ # ]

fw ctl zdebug drop | grep [ip]

[ # ]

fw ctl arp

[ # ]

cpca_client lscert -stat <Pending|Valid|Revoked|Expired|Renewed> -kind <SIC|IKE|User|LDAP>

!! Example to view valid SIC certs:
cpca_client lscert -stat Valid -kind SIC

Documentation

[ # ]

icmp permit host <ping from IP> <interface>
icmp permit <network ip> <netmask> <interface>

[ # ]

arp permit-nonconnected

Notes:

  • This is not recommended by Cisco due to security concerns
  • This was disabled by default in version 8.4(5). Prior to this, the firewall may ARP for non-directly-connected NAT IPs.

Documentation

[ # ]