Information Technology Reference
In-Depth Information
•
nrconns
—Used to determine the currently configured connections and their status. Things to look
for in the output include the IP address of the host and the information in brackets []. In the example
that follows, [Established] means the communication is up and running. [SynSent] means that the
Director sent a packet to sensor2 and never received a response.
netrangr@director>
nrconns
Connection Status for director.rtp
sensor.rtp Connection 1: 171.68.120.214 45000 1 [Established] sto:0002
with Version 1
sensor2.rtp Connection 1: 171.68.120.213
45000 1 [SynSent] sto:0002 with
Version 1
•
nrest
—Is the same command as
nrconns
, but it shows only established connections. It will
not
display any other connections except for those already established.
netrangr@director>
nrest
Established Connections for director.rtp
sensor.rtp Connection 1: 171.68.120.214 45000 1 [Established] sto:0002
with Version 1
•
nrstop
—Used to force all IDS daemons to gracefully shut down.
netrangr@director>
nrstop
done
•
nrstart
—Used to start all IDS daemons. This command reads the file /usr/nr/etc/daemons and starts
all the IDS daemons listed.
netrangr@director>
nrstart
starting netranger services:
netrangr 1671 1 0 09:28:49 pts/0 0:00 /usr/nr/bin/nr.postofficed
netrangr 1781 1 0 09:28:51 ? 0:00 /usr/nr/bin/nr.configd
netrangr 1741 1 0 09:28:50 ? 0:00 /usr/nr/bin/nr.loggerd
netrangr 1823 1 0 09:28:51 pts/0 0:00 /usr/nr/bin/nr.fileXferd
netrangr 1751 1 0 09:28:50 ? 0:00 /usr/nr/bin/nr.packetd
netrangr 1766 1 0 09:28:50 ? 0:00 /usr/nr/bin/nr.managed
netrangr 1796 1 0 09:28:51 ? 0:00 /usr/nr/bin/nr.sapd
netranger startup done.
Error Files Used for Debugging Application Errors
The following files are located in the /usr/nr/etc directory. Each is created when you run the application
the first time. If you delete these files and stop and start the application, these files will be re-created.
However, if you do not delete these files, information will be appended on to it. Each file contains the
error associated with that daemon. For example, communication errors would be found in the
errors.postoffice file.
On the Sensor or appliance:
•
errors.fileXferd
—Errors with transferring files between the Sensor and the Director. This type of
file transfers normally happen when configuring the Sensor.
•
errors.managed
—Errors occurring while creating the access list on the router or when trying to
communicate with the router.
•
errors.packetd
—Errors occurring while capturing traffic of the network.
•
errors.postofficed
—Errors occurring with the communication infrastructure.
•
errors.sapd
—Errors occurring during file management.
On the Director:
