Pour voir les transaction en cours par le systeme:
Rendez vous dans le dossier de iwss, vous y trouverez une commande stpeek... qui permet de voir les transaction en cours...
Prints, in tab separated format, the status of each proxied
transaction that is actively handled by IWSS ftp or http proxy
New sessions that are queued will not be displayed
Options:
'F' - print session table for the FTP proxy process
'x' - Don't copy the session table shared memory to process local memory before printing - NOT RECOMMENDED
'h' - Print this informational page
'm' - Print the session table a maximum of [count] times, every [period] seconds.
Default is to print only print the table once. To change [period] use the 'n' option
'n' - Specify the [period] of seconds to peek at the session table. Default is 5 seconds
'w' - Print session table output to the file specified in [filename] instead of to the console
Columns printed:
SEQ:PID or CPID:PPID - The sequence number and process number of the state object attached to
this session. For process-per-session mode daemons this is replaced by the child process
and parent process pids
STATUS - The current status of the transaction. Supported values include:
DISCON - Not connected. These nodes are normally never displayed
RCV_REQ - Waiting for incoming client HTTP or ICAP request
DNS - Resolving the domain name of the HTTP server
CON_SRV - Connecting to the HTTP server
SND_REQ - Relaying the complete client request to the HTTP server
PRL_REQ - Relaying the client request to the HTTP server before
the request has been completely received by IWSS
RCV_RSP - Receiving the HTTP response from the server
SND_RSP - Relaying the complete HTTP or ICAP response from the server to the client
PRL_RSP - Relaying the partial HTTP response from the server to the client
before the entire response has been received by IWSS
SND_100 - Sending a 100 Continue HTTP or ICAP response to the client
TUNNEL - The session is an unexamined HTTPS or non-HTTP protocol transaction
which is tunneled by IWSS
FTPHTTP - An FTP over HTTP transaction
TXDONE - Transaction is complete but not yet reset
PRL_ICAP - Sending an ICAP response before the complete ICAP request has been
received by IWSS
FTP_CMD - Handling the command channel for an FTP session
CON_CMD - Connecting the command channel to the FTP server - includes DNS
DC_SRV - Connecting the passive-mde data channel to the FTP server
DC_CLT - Connecting the active-mode data channel to the FTP client
DL_SRV - Waiting for an active-node data connection from the FTP server
DL_CLT - Waiting for the passive-mode data connection from the FTP client
FTP_UL - Performing an FTP upload
FTP_DL - Performing an FTP download
PS_TXLOG - Writing the transaction log
PS_AQINF - Preparing access quota info
PS_AQENF - Enforcing the access quota
PS_URLS - Checking URL lists
PS_RATE - Performing TMUFE/WRS score query
PS_PLUGIN - Running PreScan plugins
PS_SKIP - Checking skip-scan rules
SC_VIRUS - Performing virus/spyware scan
SC_AAXS - Performing AAXS scan
SC_ITL - Perfoming IntelliTunnel scan
C_SOCK - Descriptor number of the client socket
CLIENT_ADDR - IPv4 address of the client connection
S_SOCK - Descriptor number of the server socket. For FTP proxy this is only the
command channel. For ICAP this is unused.
SERVER_ADDR - IPv4 address of the server connection. For FTP proxy this is
only the command channel. For ICAP this is unused.
LCL_PORT - The local port number used for the server connection
STAGE - The current stage handling the session. This is only used in WorkQueue
daemons, designated by command line option -m for the proxy process
STGTIME - The number of seconds the session has been in the current stage.
This is only used in WorkQueue daemons, designated by command line option
-m for the proxy process
CONTIME - The number of seconds that this client session has been actively handled
IOWAIT - The number of milliseconds since the last I/O event related to this session was handled
THRUBYTE - The number of bytes written to any socket during this transaction
THRUPUT - The number of bytes per second written during the current transaction
FLAGS - Flags set for this session. Currently supported flags:
IDL - The session is idle, waiting for a client request
SSL - The session is HTTPS
SKP - Scanning of this transaction has been skipped due to configuration
TBP - The session is non-HTTP binary protocol tunneled over port 80
Commentaires
Comment
I was beginning to doubt that it was possible to find good content for once, I reaaly am getting sick of the absolute drivel I find of late, respect.
Well, in fact I've put those
Well, in fact I've put those information to be sure that I can found it anytime ...