connect shell Commands

connect adapter: Command List

After you have used the Supervisor connect adapter command to connect to the command shell for a specific adapter, the following commands are available in that shell. See connect adapter for information about the connect adapter command.


Attention


These commands should be used only when troubleshooting virtualized network adapters with Cisco TAC supervision.


Note that when you connect to an adapter command shell, the command-line prompt changes from your default prompt, which is the name you assigned to the appliance, to adapter n/n/n, where n/n/n is the adapterʼs chassis/server/ID combination you entered to connect.

To exit adapter mode, type exit .

Examples

The following example shows how to connect to the adapter command shell, and view available commands:


firepower# connect adapter 1/2/1
adapter 1/2/1 # help
Available commands:
  connect             - Connect to remote debug shell
  exit                - Exit from subshell
  help                - List available commands
  history             - Show command history
  show-fwlist         - Show firmware versions on the adapter
  show-identity       - Show adapter identity
  show-phyinfo        - Show adapter phy info
  show-systemstatus   - Show adapter status
adapter 1/2/1 # exit
firepower#    

 

Table 1. Commands Available in the Adapterʼs Primary Command Shell

Command

Additional Information

connect

Connects to the debug shell; provides access to the commands listed in the following table.

exit

Exits from the adapter command shell.

help

Lists the commands available in this shell.

history

Shows a list of commands issued since entering this shell.

show-fwlist

Shows firmware versions on the adapter.

show-identity

Show adapter identity

show-phyinfo

Show adapter phy info

show-systemstatus

Show adapter status

 

The following commands are available in the debug subshell; accessed by entering the connect command in the adapterʼs primary command shell.


Note


When you connect to an adapter shellʼs debug subshell, the command-line prompt changes from the adapter n/n/n prompt, to adapter n/n/n (top):n, where (top): indicates you are in the top subshell of the adapter command shell, and n represents the number of command lines presented thus far in this debug session.


To exit the debug subshell, type exit .

Examples

The following example shows how to connect to the adapterʼs debug subshell, and view available commands:


adapter 1/2/1 # connect
No entry for terminal type "dumb";
using dumb terminal settings.
adapter 1/2/1 (top):1# help
Available commands:
  attach-fls      - Attach to fls
  attach-mcp      - Attach to mcp
  estat           - Run fc performance monitor
  exit            - Exit from subshell
  help            - List available commands
  history         - Show command history
  phy-read        - Read PHY register
  show-acltab     - Show ACL table
  show-fru        - Show FRU contents
  show-fwdtab     - Show forwarding table
  show-log        - Show system log
  show-macstats   - Show MAC statistics
  show-pcisw      - Show PCIE switch status
adapter 1/2/1 (top):2# exit
adapter 1/2/1 #    

 

Table 2. Commands Available in the Adapter Debug Subshell

Command

Additional Information

attach-fls

Attaches to the adapterʼs fabric login service; provides access to the commands listed in a following table.

attach-mcp

Attaches to the Master Control Program. A large number of debug-information commands are available; use the help command to view a list.

Again, these commands are for use only with Cisco TAC guidance.

estat

Launches a Fibre Channel performance monitor.

exit

Exits from this subshell.

help

Lists the commands available in this subshell.

history

Shows a list of commands issued since entering this subshell.

phy-read

Read PHY register

show-acltab

Show ACL table

show-fru

Show FRU contents

show-fwdtab

Show forwarding table

show-log

Show system log

show-macstats

Show MAC statistics

show-pcisw

Show PCIE switch status

 

The following commands are available in the Fabric Login Service (FLS) subshell; accessed by entering the attach-fls command in the adapterʼs debug shell.


Note


When you connect to the FLS subshell of an adapterʼs debug subshell, the command-line prompt changes from adapter n/n/n (top):n, to adapter n/n/n (fls):n where (fls): indicates you are in the FLS subshell of the debug subshell, and n represents the number of command lines presented thus far in this FLS session.


To exit the FLS subshell, type exit ; you are returned to the debug subshell.

Examples

The following example shows how to attach to the FLS subshell from the debug subshell, and view available commands:


adapter 1/2/1 # connect
No entry for terminal type "dumb";
using dumb terminal settings.
adapter 1/2/1 (top):1#  attach-fls
No entry for terminal type "dumb";
using dumb terminal settings.
adapter 1/2/1 (fls):1# help
Available commands:
         d - dumps the contents of the last fw request
      exit - Exit from subshell
  fwactive - retrieve active fcpu exchanges
     fwcqs - retrieves fcpu cq information
    fwexch - retrieves fcpu exchange data
     fwlif - retrieves fcpu lif data
    fwvnic - retrieves fcpu vnic data
      help - List available commands
   history - Show command history
       lif - Show lif information
     login - Show login information pertaining to vnic
   lunlist - Show Nameserver and Report LUN's response information for vnic
    lunmap - Show lunmap information pertaining to vnic
      vnic - Show vnic information

adapter 1/2/1 (fls):2# exit
adapter 1/2/1 (top):2#

 

Table 3. Commands Available in the FLS Subshell

Command

Additional Information

d

Dumps the contents of the last firmware request.

exit

Exits from the FLS subshell.

fwactive

Retrieves active fcpu exchanges

fwcqs

Retrieves fcpu cq information

fwexch

Retrieves fcpu exchange data

fwlif

Retrieves fcpu lif data

fwvnic

Retrieves fcpu vnic data

help

Lists available commands

history

Shows command history

lif

Shows lif information

login

Shows login information pertaining to vnic

lunlist

Shows Nameserver and Report LUN's response information for vnic

lunmap

Shows lunmap information pertaining to vnic

vnic

Shows vnic information

connect cimc: Command List

After you have used the Supervisor connect cimc command to connect to the CIMC firmware debug utility for a specific module, the following commands are available in that shell. See connect cimc for information about the connect cimc command.

This utility provides access to a read-only shell with commands that let you view real-time CIMC debug information. These commands are used mainly for troubleshooting CIMC issues: viewing alarms, system event logs, on-board failures, and power controls.


Note


When you connect to the CIMC command shell, the command-line prompt changes from your default prompt, which is the name you assigned to the appliance, to [ xxx ], where xxx is the last command you entered; see the following example.


To exit the CIMC shell, type exit .

Examples

The following example shows how to connect to CIMC mode and then list the available commands:


firepower# connect cimc 1/1
Trying 127.5.1.1...
Connected to 127.5.1.1.
Escape character is '^]'.

CIMC Debug Firmware Utility Shell [ support ]
[ help ]# help
__________________________________________
          Debug Firmware Utility
__________________________________________
Command List
__________________________________________
alarms
cores
dimmbl
exit
i2cstats
images
mctools
memory
messages
mrcout
network
obfl
post
power
programmables
sensors
sel
fru
tasks
top
update
users
version
cert
sldp
help
help [COMMAND]
__________________________________________
 Notes:
"enter Key" will execute last command
"COMMAND ?" will execute help for that command
__________________________________________
[ help ]# power
OP:[ status ]                  
Power-State:                 [ on ]
Master-State:                [ Master ]
VDD-Power-Good:              [ active ]
Power-On-Fail:               [ inactive ]
Power-Ctrl-Lock:             [ unlocked ]
Power-System-Status:         [ Good ]
Front-Panel Power Button:    [ Disabled ]
Front-Panel Reset Button:    [ Disabled ]
Source of Last Power Change: [ Software - "mcserver" ]
OP-CCODE:[ Success ]
[ power ]# exit
Connection closed by foreign host.
firepower#                               

 

Table 4. Commands Available in the CIMC Debug Shell

Command

Additional Information

alarms

Displays the current StatusLED state, and which sensors are in alarm, if any.

Alarm Levels:

       1 - OK (GREEN ON)

       2 - Mem Init (GREEN BLINK)

       3 - Mild Fault (AMBER ON)

       4 - Severe Fault (AMBER BLINK)

cores

Lists the Core Dump Directory.

exit

Exits from the CIMC subshell.

fru

Lists all field-replaceable unit (FRU) device information.

help [COMMAND]

Entering just the command help lists all available commands. Entering help cmd_name , or cmd_name ? , shows help information for the specfied command.

i2cstats

Displays I2C controller register information, driver counters, and multi-primary debug trace data.

images

Displays software image version and status information.

mctools

Displays current MCtools state information: socket and share-file cache size information.

memory

Lists memory and load statistics.

messages

messages [dump|follow|tail]

dump - Dump the /var/log/messages file

follow - Tail and Follow /var/log/messages file

tail - Dump the last 100 messages

mezz1fru

Show the mezz card 1 FRU information

mezz2fru

Show the mezz card 2 FRU information

mrcout

Dump MrcOut*.txt

network

view network status in realtime ;

Dump Network information

obfl

Dump the OBFL - on-board fault log

dump - Dump OBFL

follow - Tail and Follow OBFL

tail - Dump the last 100 messages

post

Dump BIOS Post Information

power

view power status in realtime

Dump Blade Power Status

programmables

Dump Board Programmable Versions

sensors

view all sensors in realtime

sensors [all|power|temp|fault|pres|led]

all - Dump all Sensors (default)

power - Dump only Power Sensors

temp - Dump only Temprature Sensors

fault - Dump only Fault Sensors

pres - Dump only Presence Sensors

led - Dump only LED Sensors

sel

Show the Blade SEL Information - system event log

sldp

Cisco CIMC Interactive Debug

This command performs interactive debug authentication with the aid of the user and Cisco support personnel.

tasks

Dump Running Task Information

top

Run TOP Process Monitoring

update

Current Firmware Update Status

users

Dump IPMI Users

version

Get the Version Information

connect fxos: Command List

After you have used the Supervisor connect fxos command to connect to the FXOS CLI shell for the switching fabric, the following commands are available in that shell. See connect adapter for information about the connect fxos command.


Note


When you connect to the FXOS command shell, the command-line prompt changes from your default prompt, which is the name you assigned to the appliance, to the default prompt with (fxos) appended; see the following example.


To exit the FXOS shell, type exit .

Examples

The following example shows how to connect to the FXOS command shell, and view available commands:


firepower# connect fxos
firepower(fxos)# ?
  clear         Reset functions
  cli           CLI commands
  debug         Debugging functions
  debug-filter  Enable filtering for debugging functions
  ethanalyzer   Configure cisco packet analyzer
  no            Negate a command or set its defaults
  ntp           NTP configuration
  show          Show running system information
  system        System management commands
  terminal      Set terminal line parameters
  test          Test command
  undebug       Disable Debugging functions (See also debug)
  end           Go to exec mode
  exit          Exit from command interpreter
  pop           Pop mode from stack or restore from name
  push          Push current mode to stack or save it under name
  where         Shows the cli context you are in

firepower(fxos)# exit
firepower# 

 

Table 5. Commands Available in the FXOS Shell for the Switching Fabric

Command

Additional Information

clear

Reset functions

       counters - Clear counters

       logging - Clear logging information

       mac - MAC

cli

CLI commands

       var - Define a variable

debug

Debugging functions; see following table

debug-filter

Enable filtering for debugging functions

       ip - IP events

       ipv6 - IPv6 events

       pktmgr - Pm debug-filter

       routing - Routing events

ethanalyzer

Configure Cisco packet analyzer

       local - Start local capture of frames to Sup

no

Negate a command or set its defaults

       debug - Debugging functions

       debug-filter - Enable filtering for debugging functions

       ethanalyzer - Configure cisco packet analyzer

       terminal - Set terminal line parameters

       test - Test command

ntp

NTP configuration

       sync-retry - Retry synchronization with configured servers

show

Show running system information; see following table

system

System management commands

       hap-reset - Enables resetting of local or remote sup on ha failures

       heartbeat - Enables heartbeat

       no - Negate a command or set its defaults

terminal

Set terminal line parameters; see the following table

test

Test command

       aaa - Aaa authentication

       eltm - Display eltm information

       forwarding - Fib information

       hardware - Test hardware parameters

       otv

undebug

Disable Debugging functions (See also debug)

       all - Disable all debugging

       icmpv6 - ICMPv6 debug commands

       ip - IP events

       ipv6 - IPv6 events

       l2 - Layer2

       l3vm - Debug L3VM information

       pktmgr - Packet manager debug/tunnel information

       rpm - Route Policy Manager (RPM)

       sockets - Sockets

       system - Enable debugging of system components

end

Go to exec mode

exit

Exit from command interpreter

pop

Pop mode from stack or restore from name

name – Name (optional)

push

Push current mode to stack or save it under name

name – Name (optional)

where

Shows the cli context you are in

       detail – Shows each entry on separate line (optional)

 

Table 6. Debug, Show and Terminal Commands Available in the FXOS Command Shell

Command

Additional Information

debug

 

Debugging functions

aaa – Enable debugging for aaa

aclcomp – Configure aclcomp debug

acllog – Configure acllog debug

aclmgr – Configure aclmgr debug

afm – Configure afm debug

assoc – Original ID to Translated ID Association

bcm-usd –  BCM USD

bootvar – Enable bootvar debugging

callhome – Enable debugging for Callhome

cdp – Configure CDP debugging

cert-enroll – Configure debugging for cert enroll daemon

cfs – Enable debugging for CFS

cli – Debug cli

clis – Debug cli server

clk_mgr – Configure clk_mgr debug

copp – Configure copp debug

core – Configure core daemon debugging

csm – Enable csm debugs

device-alias – Configure debugs for Device Alias Distribution Service

dstats – Configure delta statistics debugging

eltm – Configure eltm debug

ethpc – Configure ethpc debug

ethpm – Configure ethpm debug

evmc – Event manager client debugs

fc-mac – Debug fcp information

fc2 – Configure FC2 debugging

fc2d – Configure fc2d debug

fcdomain – Enable fcdomain debugging

fcfwd – Enable fcfwd debugging

fcns – Debug name server

fcoe_klm – Configure FCOE_KLM debugging

fcpc – Configure fcpc debug

fcs – Configure Fabric Configuration Server Debugging

fdmi – Configure fdmi debugging

fex – Debug cli for FEX process

fex – Configure fex debug

flogi – Configure flogi debug

fm – Configure feature manager debugging

fspf – Configure FSPF debugging

hardware – Debug hardware,kernel loadable module parameters

icmpv6 – ICMPv6 debug commands

idehsd – Configure Idehsd handler debugging

im – Configure im debug

ip – IP events

ipconf – Configure ipconf debug

ipfib – Configure ipfib debug

ipqos – Configure IP QoS Manager debug

ipv6 – IPv6 events

klm – Debug kernel loadable module parameters

l2 – Layer2

l3vm – Debug L3VM information

lacp – Configure lacp debug

ldap – Configure debugging for ldap

ledmgr – Configure LED manager debugging

license – Enable debugging for Licensing

lldp – Configure lldp debug

logfile – Direct debug output to logfile

logging – Configure logging or syslogd debug

m2rib – Configure m2rib debug

mcec – Configure MCEC debugging

mcm – Configure mcm debug

mfdm – Configure mfdm debug

monitor – Configure Ethernet SPAN sessions

msp – Configure msp debug

mvsh – MVSH server debugs

nf – Configure nf debug

nohms – Configure nohms debug

npacl – Configure NPACL feature

nsmgr – Configure nsmgr debug

ntp – Debug NTP module

obfl – Configure obfl debugging

pfm – Configure pfm debug

pfstat – Configure pfstat debug

pktmgr – Packet manager debug/tunnel information

platform – Configure platform debugging

platform – Platform internal information

platform – Platform

plog – Configure plog debugging

pltfm_config – Configure pltfm_config debug

plugin – Configure plugin debug

port – Configure port debugging

port-channel – Configure port-channel debug

port-profile – Enable port-profile manager debugs

port-resources – Configure prm debug

port-security – Port security related command

private-vlan – Configure debug flags for private VLAN

process-sap – SAP of the process to be debugged

provision – Configure provision debug

psshelper – Psshelper debug

psshelper_gsvc – Psshelper debug

ptplc – Configure ptplc debug

qd – Show information about qd

radius – Configure debugging for radius daemon

res_mgr – Configure res_mgr debug

rib – Configure rib debugging

rlir – Configure RLIR debugging

rpm – Route Policy Manager (RPM)

rscn – Configure RSCN debugging

sal – Configure sal debug

san-port-channel – Configure san-port-channel debug

scsi-target – Configure scsi target daemon debugging

security – Configure debugging for security

session-mgr – Enable session manager debugs

snm – Configure snm debug

snmp – Configure snmp-server Debugging

sockets – Sockets

spm – Configure spm debug

statsclient – Stats

system – Enable debugging of system components

system – Debug system

tacacs+ – Configure debugging for TACACS+

track – Configure track debug

transceiver – FC transceiver debug commands

tunnel – Configure tunnel debug

udld – Configure udld debug

Note

 

Unidirectional link detection (UDLD) is not supported by FXOS; ignore any references to UDLD.

ufdm – Configure ufdm debug

vim – Configure vim debug

vlan – Configure debug flags for vlan manager

vmm – Configure vmm debug

vms – Configure vms debug

vsan – Enable VSAN manager debugging

willesden – Configure willesden debugging

wwn – Configure WWN Manager Debugging

xml – XML agent

zone – Zone server debug commands

zschk – Configure zschk debug

show

Show running system information

aaa – Show aaa information

access-lists – List access lists

accounting – Show accounting configuration

banner – Show current motd banner message

boot – Show Bootvar Variables

callhome – Show callhome information

cdp – Show Cisco Discovery Protocol information

cfs – CFS Show Command handler

class-map – Show class maps

cli – Show CLI information

clock – Display current Date

cluster-state – View cluster state

configuration – Show information about configuration sessions

copyright – Copyright information

debug – Show debug flags

device-alias – Show information about Device Alias Distribution Service

diagnostic – Diagnostic commands

ecmp-groups – Display all ECMP groups

environment – System environment information

fc2 – Show fc2 tables and statistics

fc2d – Show information about fc2d

fcalias – Fcalias show commands

fcdomain – Show fcdomain information

fcdroplatency – Show switch or network latency

fcflow – Show fcflow information

fcid-allocation – Show information about fcid-allocation list

fcns – Show name server tables

fcroute – Show FC routes

fcs – Show Fabric Configuration Server Information

fctimer – Show Fibre Channel timers

fdmi – Show fdmi information

flogi – Show information about FLOGI

fp – Fp

fspf – Show information about FSPF

hardware – Show hardware information

hostname – Show the system's hostname

hosts – Show information about DNS

in-order-guarantee – Show in-order delivery guarantee configuration

incompatibility – Show incompatible configurations

install – Show the software install impact between two images

interface – Show interface status and information

inventory – Show physical inventory

ip – Display IP information

ip – IP information

ipmc-groups – Display all IPMC groups

ipv6 – Display IPv6 information

klm – Show kernel module information

l2-class-id – L2 class ID allocation

l2-table – Display all L2 entries

lacp – Show LACP information

ldap-server – Show LDAP configuration information

line – Show the line configuration

lldp – Show information about lldp

loadbalancing – Show unicast loadbalancing of a certain flow or exchange

locator-led – Display locator led status on the device

logging – Show logging configuration and contents of logfile

mac – MAC

module – Show module information

monitor – Show Ethernet SPAN information

msp – Msp commands

nsm – Show Network Segment Manager information

ntp – Show NTP information

phy-bypass – Hardware Bypass

platform – Shows list of events received by Platform Manager

policy-map – Show policy maps

port – Show port information

port-channel – Show port-channel information

port-profile – Show port-profile

port-security – Port security related command

queuing – Show interface queuing information

radius-server – Show RADIUS configuration information

redundancy – Show system redundancy status

resource – Show resource configuration for VDC

rlir – Show RLIR information

rmon – Display RMON statistics

role – Show role configuration

routing – Display routing information

routing-context – Display the current routing context

rscn – Show RSCN information

running-config – Current running configuration

san-port-channel – Show port-channel information

scsi-target – Show discovered scsi target information

snmp – Show snmp information

sprom – SPROM contents

ssh – Show SSH information

startup-config – Current startup configuration

svs – Show svs information

switchname – Show the system's hostname

system – System-related show commands

tacacs-server – Show TACACS+ configuration information

tech-support – Gather information for troubleshooting

telnet – Show telnet server configuration

terminal – Display terminal configuration parameters

topology – Show information of connected switches

track – Tracking information

trunk – Show trunk information

udld – UDLD protocol

Note

 

Unidirectional link detection (UDLD) is not supported by FXOS; ignore any references to UDLD.

user-account – Show user information

users – Show the current users logged in the system

vdc – Show Virtual Device Contexts

version – Show the software version

vifs – Virtual interfaces

vlan – Vlan commands

vms – Vms commands

vmware – Vmware related

vrf – Display VRF information

vsan – Show vsan information

wwn – Show wwn information

xml – XML agent

zone – Zone show commands

zoneset – Zoneset show commands

terminal

Set terminal line parameters

alias – Show aliases (if no arugments); create 'exec' aliases (not persistent). Persistent aliases are in config mode, see 'cli alias'

color – Enable colorization of prompt(green if last command ok, red if error), command line (blue), output (default color)

dont-ask – Don't ask 'are you sure' questions, take default answer instead

edit-mode – Set command line edition keys (vi or emacs; emacs is default)

event-manager – Event manager cli event

history – Configure terminal history properties

length – Set number of lines on a screen

monitor – Copy Syslog output to the current terminal line

no – Negate a command or set its defaults

output – How output of show commands should be formated

prompt – Configure how the prompt should look like

redirection-mode – Set the redirection mode

session-timeout – Set session timeout

sticky-mode – Search for the command match in current mode only

terminal-type – Set the terminal type

time – Save the current time under a variable

tree-update – Updates the main parse tree

verify-only – Verify command and do not execute

width – Set width of the display terminal

connect local-mgmt: Command List

After you have used the Supervisor connect local-mgmt command to connect to the local management shell, the following commands are available in that shell. See connect adapter for information about the connect local-mgmt command.

In this shell, you can perform operations on the fabric interconnect, including copying files, rebooting the fabric interconnect, running ping and traceroute commands, and perhaps most importantly, generating troubleshooting files.


Note


When you connect to the local-management command shell, the command-line prompt changes from your default prompt, which is the name you assigned to the appliance, to the default prompt with (local-mgmt) appended; see the following example.


To exit the local-management mode, type exit .

Examples

The following example shows how to connect to the local-management command shell, and view available commands:


firepower# connect local-mgmt
firepower(local-mgmt)#  ?
  cd                Change current directory
  clear             Clear managed objects
  cluster           Cluster mode
  connect           Connect to Another CLI
  copy              Copy a file
  cp                Copy a file
  delete            Delete managed objects
  dir               Show content of dir
  enable            Enable
  end               Go to exec mode
  erase             Erase
  erase-log-config  Erase the mgmt logging config file
  exit              Exit from command interpreter
  fips              FIPS compliance
  ls                Show content of dir
  mgmt-port         Management Port
  mkdir             Create a directory
  move              Move a file
  mv                Move a file
  ping              Test network reachability
  ping6             Test IPv6 network reachability
  pwd               Print current directory
  reboot            Reboots Fabric Interconnect
  restore-check     Check if in restore mode
  rm                Remove a file
  rmdir             Remove a directory
  run-script        Run a script
  show              Show system information
  shutdown          Shutdown
  ssh               SSH to another system
  tail-mgmt-log     tail mgmt log file
  telnet            Telnet to another system
  terminal          Terminal
  top               Go to the top mode
  traceroute        Traceroute to destination
  traceroute6       Traceroute to IPv6 destination
  verify            Verify Application Image

firepower(local-mgmt)# exit
firepower# 

 

Table 7. Commands Available in the Local Management Shell

Command

Additional Information

cd

Change current directory

       usbdrive: - File URI

       volatile: - File URI

       workspace: - File URI

       clear - Clear managed objects

       sshkey - Host public SSH key

cluster

Cluster mode

       force - Force local fabric interconnect to become primary

       lead - Make subordinate fabric interconnect primary

connect

Connect to Another CLI

       adapter - Mezzanine Adapter

       cimc - Cisco Integrated Management Controller

       fxos - Connect to FXOS CLI

       local-mgmt - Connect to Local Management CLI

       module - Security Module Console

copy

Copy a file

       ftp: - Source File URI

       scp: - Source File URI

       sftp: - Source File URI

       tftp: - Source File URI

       usbdrive: - Source File URI

       volatile: - Source File URI

       workspace: - Source File URI

cp

Copy a file

       ftp: - Source File URI

       scp: - Source File URI

       sftp: - Source File URI

       tftp: - Source File URI

       usbdrive: - Source File URI

       volatile: - Source File URI

       workspace: - Source File URI

delete file

Delete managed objects

       usbdrive: - Source File URI

       volatile: - Source File URI

       workspace: - Source File URI

dir

Show content of dir

       order (Optional) - Order files by time

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

enable cluster

Enable cluster mode

       a.b.c.d - Cluster IpV4 address

       ipv6 - IPv6 Cluster mode

end

Go to exec mode

erase

Erase

       configuration - System configuration

erase-log-config

Erase the mgmt logging config file

exit

Exit from command interpreter

fips

FIPS compliance

       fault-test - Execute FIPS fault tests

       self-test - Execute FIPS self-test on demand

ls

Show content of dir

       order (Optional) - Order files by time

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

mgmt-port

Management Port

no-shut (Optional) - Management port up

shut (Optional) - Management port down

mkdir

Create a directory

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

move

Move a file

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

mv

Move a file

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

ping

remote_host - Hostname or IP addr (Min size 0, Max size 510)

ping6

Test network reachability

Test IPv6 network reachability

remote_host - Hostname or IP addr (Min size 0, Max size 510)

pwd

Print current directory

reboot

Reboots Fabric Interconnect

Check if in restore mode

rm

Remove a file

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

rmdir

Remove a directory

       usbdrive: (Optional) - File URI

       volatile: (Optional) - File URI

       workspace: (Optional) - File URI

run-script

Run a script

workspace: - Name of a script to run

show

       Show system information

       cli - CLI Information

       clock - Clock

       file - File Commands

       license - Show license information

       mgmt-ip-debug - IP Debug Info

       mgmt-port - Management Port

       open-network-ports - Show open network ports

       pmon - Pmon

       processes - Processes

       sel - System Event Log

       software - Software

       sshkey - Sshkey

       tech-support - Tech Support

shutdown

Shutdown

ssh

SSH to another system

       remote_system - Enter hostname or user@hostname (Min size 0, Max size 510)

tail-mgmt-log

tail mgmt log file

       module - Module Name (Min size 0, Max size 510)

telnet

Telnet to another system

       remote_host - Hostname or IP addr (Min size 0, Max size 510)

terminal

Set terminal line parameters

       length - Set number of lines on a screen

       width - Set width of the display terminal

top

Go to the top mode

traceroute

Traceroute to destination

       remote_host - Hostname or IP addr (Min size 0, Max size 510)

traceroute6

Traceroute to IPv6destination

       remote_host - Hostname or IP addr (Min size 0, Max size 510)

verify signature

Verify Application Image

bootflash: - Image File Name

       usbdrive: - Image File Name

       volatile: - Image File Name

       workspace: - Image File Name


Note


You will find differences in CPU usage values when you use show processes and show system resources CLIs simultaneously. The CPU usage values differ because of the number of iterations and intervals that each CLI uses by default to summarize the output after sampling through the iterations.


connect module: Command List

After you have used the Supervisor connect module command to connect to a specific module console, the following commands are available on that console. See connect module for information about the connect module command.

In this shell, you can perform operations on the fabric interconnect, including copying files, rebooting the fabric interconnect, and running ping and traceroute commands.


Note


When you connect to a module command shell, the command-line prompt changes from your default prompt, which is the name you assigned to the appliance, to Firepower-modulen, where n is the number of the module to which you connected; see the following example.


Examples

The following example shows how to connect to the module 1 using Telnet, and view available commands:


firepower# connect module 1 telnet
Type exit or Ctrl-] followed by . to quit.
Firepower-module1>?
    secure-login     => Enable blade secure login
    show             => Display system information. Enter show ? for options
    config           => Configure the system. Enter config ? for options
    terminalLength   => Terminal settings. Enter terminal ? for options
    ping             => Ping a host to check reachability
    nslookup         => Look up an IP address or host name with the DNS servers
    traceroute       => Trace the route to a remote host
    connect          => Connect to specific csp console (asa, etc)
    support          => System file operations
    testcrashinfo    => Test crashinfo support
    exit             => Exit the session
    help             => Get help on command syntax
Firepower-module1> <Ctrl-], .>
firepower#                 

 

Table 8. Commands Available on a Module Console

Command

Additional Information

secure-login

Enable blade secure log in

show

Display system information. Enter show ? for options

       diskusage – Display current disk space usage

       time – Display current system date and time

       faults – Display the security module faults if any

       memoryusage – Display the system Memory usage

       cpuinfo – Display the system CPU Information

       users – Display who is logged on and user operations

       uptime – Display system up time

       slot – Display the slot number of SSP to which this blade is connected

       processes – Display all system processes

       hosts – Show hosts

       route – Show configured routes

       interfaces – Show currently configured interfaces

       version – Display product version

       netstat – Show network connections

       vnicmap – Display VNICs with Ethernet interfaces

       platform – None

       memory – Display the memory monitor configuration

       disk – Display the disk monitor configuration

       cpu – Display the CPU monitor configuration

       ntp – Show NTP time sync information

       coredump – Show coredump configuration

       maxRestart – Show maxRestart

       turboBoost – Show turboBoost configuration

       services – Display status of the services

       process – Show process details

       cgroups – Display the cgroups

       tech-support – Generate system information report for troubleshooting purposes

config

Configure the system. Enter config ? for options

       vnic – Configure specified VNIC

       memory – Configure memory monitor

       disk – Configure disk monitor

       process – Configure process cpu monitor

       maxRestart – Configure maximum restarts CSP. 0 shall Disable feature. Default 8

       restartTimeInter – Configure time in seconds to block all CSPs from starting if server restarts maxRestart in this interval. Default 1200

       restartCounters – To reset the restart_count

       coredump – config coredump {...}

       turboBoost – config turboBoost {...}

terminalLength

Terminal settings. Enter terminal ? for options

       enable – terminal length enable

       disable – terminal length disable

ping

Ping a host to check reachability

host

nslookup

Look up an IP address or host name with the DNS servers

host

traceroute

Trace the route to a remote host

host

connect

Connect to specific csp console (asa, etc)

appname apphost

support

System file operations

       platform – Platform operations

       fileupload – Copy Archive files to MIO

       diagnostic – Create diagnostic Archive file

       filelist – List existing files in system directories

       fileview – View files in the system

       filetail – Tail files in the system

       deleteBootImage – Delete boot image

       certdownload – Download certificate from remote syslog server

       verify – verify image

       generate – support generate {command..}

       tunnel – support tunnel {command..}

       dplug-access – Enable dplug access

       send_diag_archiv – Uploads a Default Archive to MIO

       send_logs – Uploads select files to MIO

testcrashinfo

Test crashinfo support

       singleprocess – Test crashinfo support with single process

       multiprocess – Test crashinfo support with multiple processes

       multithread – Test crashinfo support with multiple threads

help

Get help on command syntax