This section provides detailed description of all available CLI commands.
To display a list of available interfaces use the show interfaces command.
psh> show interfaces em0: Intel PRO/1000MT (82545EM) (00:0c:29:5c:42:82, UP/LINK) em1: Intel PRO/1000MT (82545EM) (00:0c:29:5c:42:84, UP/LINK)
To display information about an interface use the show interface interface_alias command.
psh> show interface em0 ip: 192.168.0.10 netmask: 255.255.255.0 desc: DMZ interface
To display information about the configured hostname use the show gateway command.
psh> show gateway gateway: 192.168.0.1
To display information about the configured hostname use the show hostname command.
psh> show hostname hostname: wsm.lab.alertlogic.com
To display information about the configured routes and other routing information use the show routes command.
psh> show routes Routing tables Internet: Destination Gateway Flags Refs Use Mtu Interface default 192.168.0.1 UGS 0 113 - em0 127/8 127.0.0.1 UGRS 0 0 33224 lo0 127.0.0.1 127.0.0.1 UH 3 40391 33224 lo0 192.168.0/24 link#1 UC 5 0 - em0 192.168.0.1 8:0:2b:c3:7f:da UHLc 2 277 - em0 192.168.0.9 0:30:5:47:63:34 UHLc 1 15616 - em0 192.168.0.11 0:d:60:76:7:5f UHLc 0 553 - em0 192.168.0.55 0:c:29:5c:42:84 UHLc 0 1512 - lo0 192.168.0.93 0:d:60:60:2:e9 UHLc 7 81599 - em0 224/4 127.0.0.1 URS 0 0 33224 lo0
To display the current Web Security Manager version use the show version command.
psh> show version version: Web Security Manager 2.8.0-release-i386
To configure the default gateway use the set gateway ip_address command.
psh> set gateway 192.168.0.1
To configure the default gateway use the set interface interface_alias ip ip_address netmask netmask command.
psh> set interface em0 ip 192.168.0.10 netmask 255.255.255.0
To configure the console operator password use the set password command.
psh> set password Changing local password for operator. Old password: New password: Retype new password:
To set GUI user status use the command.
set user username status ok|locked|suspended
psh> set user reviewuser status suspended
To run configured auto-backup (either FTP or SCP), use the system backup run command. This command can be used to force the backup to run on-demand.
psh> system backup run backup started in the background
To remove all cached HTTP resources, use the system cache flush command. This command can be used to flush all locally cached documents.
psh> system cache flush flushing document cache in the background
To send an ICMP ECHO request to a given IP address, use the system ping ip_address command. This command can be useful for testing network connectivity issues.
psh> system ping 192.168.0.1 PING 192.168.0.1 (192.168.0.1): 56 data bytes 64 bytes from 192.168.0.1: icmp_seq=0 ttl=255 time=1.666 ms 64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.523 ms 64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.462 ms 64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.506 ms 64 bytes from 192.168.0.1: icmp_seq=4 ttl=255 time=0.421 ms --- 192.168.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.421/0.715/1.666/0.477 ms
To force a up to date check on new available updates, use the system updates fetch command.
psh> system updates fetch fetch started in the background
To display pending updates, use the system updates query pending command.
psh> system updates query pending AL-PF-1.2.4-i386, Performance improvements and feature updates
To display installed updates, use the system updates query installed command.
psh> system update query installed AL-PF-1.2.2-i386, Cache module configuration update AL-PF-1.2.3-i386, Stability/security updates and improvements
To install a pending update, use the system updates install update_id command.
psh> system updates install AL-PF-1.2.4-i386 done
To display the system status use the system status command.
psh> system status application server (as): OK (pid: 5958) management interface (mi): OK (pid: 1768) core components (cc): OK (pid: 7058) rule daemon (rd): OK (pid: 20772) sync daemon (sd): OK (pid: 2620)
To restart system components use the system restart component
Available components are:
Application server
Management interface
Core components
Rule daemon
Synchronization daemon
psh> system restart as done
To shutdown Web Security Manager use the system shutdown command.
psh> system shutdown
To reboot Web Security Manager use the system reboot command.
psh> system reboot
To view status, enable and disable remote support (Section 2.11, “Remote access”) use the system remotesupport command.
psh> system reboot
To see the current status of remote support (i.e. are requests from Alert Logic being redirected from port 80 to port 22 enter system remotesupport status.
When remote support is enabled:
psh> system remotesupport status Current remote support setting: Enabled pf Status: Enabled for 0 days 00:00:11 Debug: Urgent pass in inet proto tcp from 130.226.138.37 to any port = ssh flags S/SA keep state rdr inet proto tcp from 130.226.138.37 to any port = www -> 127.0.0.1 port 22
When remote support is disabled (default):
psh>system remotesupport status Current remote support setting: Disabled pf Status: Disabled for 0 days 00:00:05 Debug: Urgent
To enable remote support (i.e. allowing access to port 22 from Alert Logic) enter system remotesupport enable.
psh> system remotesupport enable pf enabled remote support set Current remote support setting: Enabled pf Status: Enabled for 0 days 00:00:00 Debug: Urgent pass in inet proto tcp from 130.226.138.37 to any port = ssh flags S/SA keep state rdr inet proto tcp from 130.226.138.37 to any port = www -> 127.0.0.1 port 22
To disable remote support (i.e. disallowing access to port 22 from Alert Logic) enter system remotesupport disable.
psh> system remotesupport disable pf disabled remote support set Current remote support setting: Disabled pf Status: Disabled for 0 days 00:00:00 Debug: Urgent