Navigation
Supported Platforms
traceoptions (Security NAT)
Syntax
traceoptions {file {filename;files number;match regular-expression;size maximum-file-size;(world-readable | no-world-readable);}flag flag;no-remote-trace;}
Hierarchy Level
[edit security nat]
Release Information
Statement modified in Junos OS Release 9.6.
Description
Configure NAT tracing options.
Options
- file—Configure the trace file options.
- filename—Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory /var/log. By default, the name of the file is the name of the process being traced.
- files number—Maximum number of trace files. When
a trace file named trace-file reaches its maximum size, it is renamed to trace-file.0, then trace-file.1, and
so on, until the maximum number of trace files is reached. The oldest
archived file is overwritten.
If you specify a maximum number of files, you also must specify a maximum file size with the size option and a filename.
Range: 2 through 1000 files
Default: 10 files
- match regular-expression—Refine the output to include lines that contain the regular expression.
- size maximum-file-size—Maximum size of each trace
file, in kilobytes (KB), megabytes (MB), or gigabytes (GB). When a
trace file named trace-file reaches
this size, it is renamed trace-file.0. When the trace-file again reaches its maximum size, trace-file.0 is renamed trace-file.1 and trace-file is renamed trace-file.0. This
renaming scheme continues until the maximum number of trace files
is reached. Then the oldest trace file is overwritten.
If you specify a maximum file size, you also must specify a maximum number of trace files with the files option and a filename.
Syntax: x K to specify KB, x m to specify MB, or x g to specify GB
Range: 10 KB through 1 GB
Default: 128 KB
- world-readable | no-world-readable—By default, log files can be accessed only by the user who configures the tracing operation. The world-readable option enables any user to read the file. To explicitly set the default behavior, use the no-world-readable option.
- flag—Trace operation to perform. To specify more than one trace
operation, include multiple flag statements.
- all—Trace with all flags enabled
- destination-nat-pfe—Trace destination NAT events on PFE-ukernel side, which includes the configuration installation on the PFE.
- destination-nat-re—Trace destination NAT events on Routing Engine (RE) side, which includes the configuration validation and the configuration push to the PFE side.
- destination-nat-rt—Trace destination NAT events on Packet Forwarding Engine real-time (PFE-RT) side, which includes the NAT rule match, and subsequent action.
- source-nat-pfe—Trace source NAT events on PFE-ukernel side, which includes the configuration installation on the PFE.
- source-nat-re—Trace source NAT events on RE side, which includes configuration validation and the configuration push to the PFE side.
- source-nat-rt—Trace source NAT events on PFE-RT side, which includes the NAT rule match, and subsequent action.
- static-nat-pfe—Trace static NAT events on PFE-ukernel side, which includes the configuration installation on the PFE.
- static-nat-re—Trace static NAT events on RE side, which includes configuration validation and the configuration push to the PFE.
- static-nat-rt—Trace static NAT events on PFE-RT side, which includes the NAT rule match, and subsequent action.
- no-remote-trace—Set remote tracing as disabled.
Required Privilege Level
trace—To view this statement in the configuration.
trace-control—To add this statement to the configuration.
