system - Manage the operating system
system [soft [check] | hard | machine | architecture | cpu | memory | drive | serial | end]
system patch (aload | (ftp | sftp | tftp) <file-server> <file-name>)
system backup [(create [report] | clear)]
system backup [(save | load) (ftp | sftp | tftp) <file-server> <file-name>]
system report [cpu | memory | disk | raid | link | gateway | service | counter [web | rweb | firewall | guard | antivirus | avserver | waf] [raz]]
The first usage form displays information about the actual system. In this usage form the optional arguments are as follows:
* soft: software OS (Operating System) name and version. If the optional check keyword is specified, the system checks for available updates.
* hard: this is a dash separated fields giving the hardware appliance model tuned during the installation. Details are as follows:
|
• US: forward USers, | ||
|
• GR: GuaRd blacklist records number, | ||
|
• RU: Reverse Users, | ||
|
• RW: Reverse Websites, | ||
|
• RC: Reverse Cache size, | ||
|
• LR: Logs Rotation period, | ||
|
• UL: Maximum size for UpLoaded files, | ||
|
• PC: Persistent Cache (0:off, 1:on), | ||
|
• WL: Persistent Web access logging (0:off, 1:on), | ||
|
• RL: Persistent rWeb access logging (0:off, 1:on). |
* machine: machine manufacturer and product name.
* architecture: the installed CPU architecture (32 or 64 bits).
* cpu: CPU information.
* memory: total RAM capacity.
* drive: hard drives information.
* serial: the serial number
* end: subscription period end of the system.
The second usage form allows you to load an OS patch from a file server or automatically from an official Web server. To automatically download a patch from an official Web server use the keyword aload. Please note that the web mode should be activated in order to download contents from the Web. If you want to explicitly download from a file, only trusted file servers are allowed. Trusted file servers are defined with the command access. The explicit download form requires three mandatory arguments. The first argument is the protocol name (ftp, tftp or sftp). The second argument is the name or IP address of the file server. The third argument is the patch file name. The apply command must be used to apply a loaded patch. Note that some patches require a system reboot. In this case the system is automatically rebooted.
The third and fourth usage forms allow you to make system backup and restore. A system backup contains all necessary files to rebuild a crashed system due to a hardware failure or any other reason. A system backup should only be restored on a new system freshly installed. Compared to a saved configuration (see the command conf), a system backup includes not only the logical configuration but also all data uploaded to the system like the antivirus signatures, URL lists or custom WAF rules. Note that cached objects and archived logs are not part of the backup.
Please note that a system backup can only be restored on a system having the same OS version and hardware model as the initial backed up system. As a backup system may contain confidential information the system backup is saved in encrypted form.
CAUTION: as the S/N of a registered appliance is bound to the MAC address of its first NIC (eth0), the first NIC of the new machine should have the same MAC address as the crashed machine. If changing a MAC address on the new machine is not an option, please contact our support services.
Without any argument, the last system backup date and time is displayed. A system backup should be created prior to being saved on a file server. To create a system backup, use the keyword create. This will launch the system backup operation in the background. Depending on your configuration a system backup could take between 3 and 30 seconds. The optional keyword report allows you to display the last system backup report. To delete a previously created system backup use the keyword clear.
A system backup can be stored on a file server. Only trusted file servers are allowed. Trusted file servers are defined with the command access. The save usage form requires three mandatory arguments. The first argument is the protocol name. Possible values for this argument are ftp, sftp and tftp. It is preferable to use ftp rather than other protocols for large files. The second argument is the name or IP address of the file server. The third argument is the system backup file name. To restore a previously saved system backup use the load usage form. To take effect, the command apply should be used after having loaded a system backup.
The fifth usage form allows you to display a report on the system activity and its health. It checks critical software and hardware health components and informs you about potential malfunction. Without any optional argument, this command displays a complete report on all components. If an optional argument is given, only a report related to that component is displayed.
The keyword cpu displays a report on the micro processor activity. It shows the number of jobs in the run queue or waiting for disk i/o averaged over 1, 5, and 15 minutes.
The keyword memory displays a report on the RAM and swap memory size.
The keyword disk displays a report on all of the hard drive activity in your configuration. This report includes the disks’ average i/o time in milliseconds and the disks’ i/o time averaged over the last 1 minute. If the hard drives support SMART (Self-Monitoring, Analysis and Reporting Technology), the report also includes the health status of the corresponding disks. Note that the health status is not always available for disks in a hardware raid array. Refer to your vendor-specific health checking systems to monitor those disks.
If the system has been installed with software RAID support, the keyword raid displays a report on the installed RAID.
The keyword link displays the status of Ethernet links. Associated IP addresses to each Ethernet interface are also displayed. You can use this command to check floating IP addresses configured with the command vrrp.
The keyword gateway displays the status of connected gateways.
The keyword service displays the status of all critical software components. Note that critical software components differ according to your current system configuration.
Finally the keyword counter displays the total number of blocked or allowed contents until the last log rotation. Please note that a counter is available only if its related logging is activated (see the command log). The optional argument raz allows you to reset a counter. Counter calculations are made since the system installation or the last reset operation. The real number of blocked or allowed contents can differ from values given by counters as some logs can be deactivated for a period of time and then be reactivated.
access (1) apply (1) conf (1) log (1) mode (1) reboot (1) register (1) vrrp (1)
CacheGuard Technologies Ltd <www.cacheguard.com>
Send bug reports or comments to the above author.
Copyright (C) 2009-2017 CacheGuard - All rights reserved