SecureXL Debug Procedure

By default, SecureXLClosed Check Point product on a Security Gateway that accelerates IPv4 and IPv6 traffic that passes through a Security Gateway. writes the output debug information to the /var/log/messages file.

To collect the applicable SecureXL debug and to make its analysis easier, follow the steps below.

Note - For more information, see the R81 Quantum Security Gateway Guide - Chapter Kernel Debug on Security Gateway.

Important:

Procedure

  1. Use an SSH or a console connection.

    Best Practice - Use a console connection.

  2. If the default shell is Gaia ClishClosed The name of the default command line shell in Check Point Gaia operating system. This is a restricted shell (role-based administration controls the number of commands available in the shell)., then run:

    expert

  3. Run:

    fw ctl debug 0

    • For all SecureXL instances, run:

      fwaccel dbg resetall

    • For a specific SecureXL instance, run:

      fwaccel -i <SecureXL ID> dbg resetall

  5. Run:

    fw ctl debug -buf 8200 [-v {"<List of VSIDs>" | all}]

    Note - The optional part "-v {"<List of VSIDs>" | all}" is to specify the applicable Virtual Systems on a VSX GatewayClosed Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0. or VSXClosed Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. Cluster MemberClosed Security Gateway that is part of a cluster..

  6. Run:

    fw ctl debug | grep buffer

  7. Run:

    fw ctl debug -m <Name of Kernel Debug Module> {all | + <Kernel Debug Flags>}

    • For all SecureXL instances, run:

      fwaccel dbg -m <Name of SecureXL Debug Module> {all | + <SecureXL Debug Flags>}

    • For a specific SecureXL instance, run:

      fwaccel -i <SecureXL ID> dbg -m <Name of SecureXL Debug Module> {all | + <SecureXL Debug Flags>}

    See SecureXL Debug Modules and Debug Flags.

  9. Run:

    fw ctl debug

    • For all SecureXL instances, run:

      fwaccel dbg list

    • For a specific SecureXL instance, run:

      fwaccel -i <SecureXL ID> dbg list

  11. Run:

    fw tab -t connections -x -y

    Important:

    • This step makes sure that you collect the debug of the real issue that is not affected by the existing connections.

    • This command deletes all existing connections. This interrupts all connections, including the SSH.

      Run this command only if you are connected over a serial console to your Security Gateway.

  12. Run:

    fw tab -t cphwd_tmpl -x -y

    Note - This command does not interrupt the existing connections. This step makes sure that you collect the debug of the real issue that is not affected by the existing connection templates.

  13. Run:

    fw ctl kdebug -T -f > /var/log/kernel_debug.txt

  14. Perform the steps that cause the issue to occur, or wait for it to occur.

  15. Press CTRL+C.

  16. Run:

    fw ctl debug 0

    • For all SecureXL instances, run:

      fwaccel dbg resetall

    • For a specific SecureXL instance, run:

      fwaccel -i <SecureXL ID> dbg resetall

  18. Run:

    fw ctl debug

    • For all SecureXL instances, run:

      fwaccel dbg list

    • For a specific SecureXL instance, run:

      fwaccel -i <SecureXL ID> dbg list

  20. Path to the debug output file:

    /var/log/kernel_debug.txt

    Best Practice - Compress this file with the "tar -zxvf" command and transfer it from the Security Gateway to your computer. If you transfer to an FTP server, do so in the binary mode.