junos防火墙磁盘空间管理

概要

junos防火墙底层是一个类unix的系统,如果开启日志记录功能,防火墙的磁盘有可能被日志塞满。因此,需要定期检查防火墙的磁盘空间使用情况。

怎样查看防火墙的磁盘空间

  • 方法一: 在cli模式下,使用show system storage,这个方法可以看到集群所有的节点磁盘使用情况
root@SRX-A% cli
{primary:node0}

root@SRX-A> show system storage
node0:
--------------------------------------------------------------------------
Filesystem              Size       Used      Avail  Capacity   Mounted on
/dev/ad0s1a             619M       153M       417M       27%  /
devfs                   1.0K       1.0K         0B      100%  /dev
/dev/md0                389M       389M         0B      100%  /junos
/cf                     619M       153M       417M       27%  /junos/cf
devfs                   1.0K       1.0K         0B      100%  /junos/dev/
procfs                  4.0K       4.0K         0B      100%  /proc
/dev/bo0s3e              49M        82K        45M        0%  /config
/dev/bo0s3f             615M       615M     -49.0M      109%  /cf/var
/dev/md1                336M        19M       289M        6%  /mfs
/cf/var/jail            615M       615M     -49.0M      109%  /jail/var
/cf/var/log             615M       615M     -49.0M      109%  /jail/var/log
devfs                   1.0K       1.0K         0B      100%  /jail/dev
/dev/md2                 63M       4.0K        58M        0%  /mfs/var/run/utm
/dev/md3                1.8M       388K       1.3M       22%  /jail/mfs

node1:
--------------------------------------------------------------------------
Filesystem              Size       Used      Avail  Capacity   Mounted on
/dev/ad0s1a             619M       146M       423M       26%  /
devfs                   1.0K       1.0K         0B      100%  /dev
/dev/md0                389M       389M         0B      100%  /junos
/cf                     619M       146M       423M       26%  /junos/cf
devfs                   1.0K       1.0K         0B      100%  /junos/dev/
procfs                  4.0K       4.0K         0B      100%  /proc
/dev/bo0s3e              49M        82K        45M        0%  /config
/dev/bo0s3f             615M       9.4M       556M        2%  /cf/var
/dev/md1                336M        29M       280M       10%  /mfs
/cf/var/jail            615M       9.4M       556M        2%  /jail/var
/cf/var/log             615M       9.4M       556M        2%  /jail/var/log
devfs                   1.0K       1.0K         0B      100%  /jail/dev
/dev/md2                 63M       4.0K        58M        0%  /mfs/var/run/utm
/dev/md3                1.8M       4.0K       1.7M        0%  /jail/mfs

{primary:node0}
  • 方法二: 在shell模式下,使用shell命令df -h,这种方法只能看到当前登录节点的磁盘使用情况
root@SRX-A> start shell
root@SRX-A% df -h
Filesystem      Size    Used   Avail Capacity  Mounted on
/dev/ad0s1a     619M    153M    417M    27%    /
devfs           1.0K    1.0K      0B   100%    /dev
/dev/md0        389M    389M      0B   100%    /junos
/cf             619M    153M    417M    27%    /junos/cf
devfs           1.0K    1.0K      0B   100%    /junos/dev/
procfs          4.0K    4.0K      0B   100%    /proc
/dev/bo0s3e      49M     82K     45M     0%    /config
/dev/bo0s3f     615M    615M    -49M   109%    /cf/var
/dev/md1        336M     19M    289M     6%    /mfs
/cf/var/jail    615M    615M    -49M   109%    /jail/var
/cf/var/log     615M    615M    -49M   109%    /jail/var/log
devfs           1.0K    1.0K      0B   100%    /jail/dev
/dev/md2         63M    4.0K     58M     0%    /mfs/var/run/utm
/dev/md3        1.8M    388K    1.3M    22%    /jail/mfs

怎样清除磁盘空间

  • 方法一:在cli模式下,使用命令request system storage cleanup,该命令会删掉所有归档的日志或临时文件,不允许选择单独删特定文件
{primary:node0}
root@SRX-A> request system storage ?
Possible completions:
  cleanup              Clean up temporary files and rotate logs
{primary:node0}
root@SRX-A> request system storage cleanup

List of files to delete:

         Size Date         Name
   894B Aug  4  2014 /cf/var/crash/flowd_octeon_hm.log..0
   894B Aug  4  2014 /cf/var/crash/flowd_octeon_hm.log..1
   894B Aug  4  2014 /cf/var/crash/flowd_octeon_hm.log..2
   894B Aug  4  2014 /cf/var/crash/flowd_octeon_hm.log..3
   894B Aug  4  2014 /cf/var/crash/flowd_octeon_hm.log..4
   894B Aug 30  2017 /cf/var/crash/flowd_octeon_hm.log.SRX-A.0
   894B Aug 30  2017 /cf/var/crash/flowd_octeon_hm.log.SRX-A.1
   894B Aug 11  2014 /cf/var/crash/flowd_octeon_hm.log.SRX-A.2
   894B Aug 30  2017 /cf/var/crash/flowd_octeon_hm.log.SRX-A.3
   894B Aug 30  2017 /cf/var/crash/flowd_octeon_hm.log.SRX-A.4
   894B Aug  1  2014 /cf/var/crash/flowd_octeon_hm.log.SRX550-A.0
   894B Aug  1  2014 /cf/var/crash/flowd_octeon_hm.log.SRX550-A.1
   894B Aug  1  2014 /cf/var/crash/flowd_octeon_hm.log.SRX550-A.2
   894B Aug  1  2014 /cf/var/crash/flowd_octeon_hm.log.SRX550-A.3
   894B Aug  1  2014 /cf/var/crash/flowd_octeon_hm.log.SRX550-A.4
    47B Dec 31  2017 /cf/var/jail/tmp/MPR_73334_16457_2.tmp
    47B Dec 31  2017 /cf/var/jail/tmp/MPR_73334_16613_3.tmp
    47B Dec 31  2017 /cf/var/jail/tmp/MPR_73334_16787_4.tmp
    32B Dec 31  2017 /cf/var/jail/tmp/MPR_73334_876_1.tmp
    
Delete these files ? [yes,no] (no)
  • 方法二:在shell模式下,使用shell命令找出大的文件再删除掉,注意,在删文件前,要清楚文件的作用,而且要做好备份
{primary:node0}
root@SRX-A> start shell
root@SRX-A% sh -c 'find / -size +5120000c 2> /dev/null' | xargs du -h | sort -nr
224K    /mfs/var/sdb/log.0000000001
142M    /cf/packages/junos-12.1X44-D30.4-domestic
 41M    /usr/sbin/flowd_octeon_hm
 33M    /usr/sbin/flowd_octeon
 13M    /usr/sbin/rpd
 13M    /mfs/var/run/db/schema.db
6.8M    /usr/lib/dd/libjkernel-dd.so
6.8M    /jail/html/dynamic-vpn/client/jam/InstallerComponentSRX.exe
6.6M    /usr/sbin/authd
6.5M    /usr/sbin/chassisd
5.1M    /usr/sbin/kmd
  • 方法三,如果是日志文件,则可以使用clear log log_file_name来清除
root@SRX-A> clear log httpd.log

{primary:node0}
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。