|
To troubleshoot connection issues between FortiWeb and ICAP server, reproduce the issue, and collect Sniffer and ICAP debug at the same time.
ICAP Configuration:
By CLI:
config system icapserver
set server "192.168.253.71"
set ssl enable
set cache-timeout 72
end
- Sniffer to Wireshark: Collect the following sniffer output:
diagnose network sniffer packet any 'host <icap_server_ip> and port 1344' 6
Or:
diagnose network sniffer packet any 'host <icap_server_ip> and port 1344' 3
To capture from GUI interface: Go to Network -> Packet Capture -> Create New:
Use:
Interface: Any.
Filter: port 1344.
- Collect the following ICAP debug:
diagnose debug reset
diagnose debug info
diagnose debug console enable
diagnose debug timestamp enable
diagnose debug application icap-protocol 7
diagnose debug enable
- Troubleshooting Connection: In this example 'Client-IP' and 'Server-IP' were used in the debug ICAP Filter.
diagnose debug reset
diagnose debug info
diagnose debug console enable
diagnose debug timestamp enable
diagnose debug flow filter client-ip 188.70.4.40 ------> Client IP
diagnose debug flow filter server-ip 192.168.253.20 ------> FortiWeb IP
diagnose debug flow filter http-detail 7
diagnose debug flow filter flow-detail 7
diagnose debug application icap-protocol 7 <-----
diagnose debug enable
diagnose debug flow trace start
Debug Output:
[ICAP][INFO](icap_daemon.c:1202): result: type = [0], res_code = [2], msg: []
[ICAP][INFO](icap_daemon.c:1210): 2 result: type = [0], res_code = [2], msg: []
[ICAP][INFO](icap_client.c:374): verdict response: fd=[1275] type = [0], res_code = [2], msg:
[ICAP][DEBUG](icap_daemon.c:951): ############ got uploaded file [2.docx, 563972] ############
[ICAP][DEBUG](icap_daemon.c:952): adom: root [1]
[ICAP][DEBUG](icap_daemon.c:953): sip: 188.70.4.40:1836
[ICAP][DEBUG](icap_daemon.c:954): dip: 10.120.1.10:47873
[ICAP][DEBUG](icap_daemon.c:955): service: 12
[ICAP][DEBUG](icap_daemon.c:956): http_method: 3
[ICAP][DEBUG](icap_daemon.c:957): severity: 3
[ICAP][DEBUG](icap_daemon.c:958): policy: Online_Policy
[ICAP][DEBUG](icap_daemon.c:959): content_switch_name:
[ICAP][DEBUG](icap_daemon.c:960): server_pool_name: Online_Pool
[ICAP][DEBUG](icap_daemon.c:961): host: www.cbk-online.com
[ICAP][DEBUG](icap_daemon.c:962): URL: /Tijarionline/IB/Public/FileUpload
[ICAP][DEBUG](icap_daemon.c:963): trigger_policy:
[ICAP][DEBUG](icap_daemon.c:964): ####################################################
[ICAP][INFO](icap_daemon.c:1169): upload: file_name:[2.docx] file_sha256:[3af8055be98f2b288b75a98774b4e24f7f107ae74d6327d1e5d90d3d7e126163] file_len:[563972]
[ICAP][INFO](icap_daemon.c:1202): result: type = [0], res_code = [0], msg: [uploaded successfully]
[ICAP][INFO](icap_daemon.c:1210): 2 result: type = [0], res_code = [0], msg: [uploaded successfully]
[ICAP][INFO](icap_client.c:284): upload response: type = [0], res_code = [0], msg: uploaded successfully
[ICAP][INFO](icap_daemon.c:1202): result: type = [1], res_code = [0], msg: []
[ICAP][DEBUG](icap_send_file.c:336): OK done with options!
[ICAP][INFO](icap_daemon.c:1210): 2 result: type = [1], res_code = [0], msg: []
[ICAP][INFO](icap_client.c:374): verdict response: fd=[1275] type = [1], res_code = [0], msg:
[ICAP][DEBUG](icap_send_file.c:336): ICAP server:192.168.253.71, ip:192.168.253.20, port:1344
[ICAP][DEBUG](icap_send_file.c:336): Preview:0 keepalive:1,allow204:0
[ICAP][DEBUG](icap_send_file.c:336): OK allocating request going to send request
[ICAP][DEBUG](icap_send_file.c:336): Allocate a new entity of type 0
[ICAP][DEBUG](icap_send_file.c:336): Allocate a new entity of type 1
[ICAP][DEBUG](icap_send_file.c:336): Allocate a new entity of type 3
[ICAP][DEBUG](icap_send_file.c:336): Going to add 5 request headers
[ICAP][INFO](icap_daemon.c:1202): result: type = [1], res_code = [0], msg: []
[ICAP][DEBUG](icap_send_file.c:336): Add request header: POST /Tijarionline/IB/Public/FileUpload HTTP/1.0
[ICAP][INFO](icap_daemon.c:1210): 2 result: type = [1], res_code = [0], msg: []
[ICAP][DEBUG](icap_send_file.c:336): Add request header: Last-Modified: Wed Sep 25 09:49:35 2024
[ICAP][DEBUG](icap_send_file.c:336): Add request header: Content-Length: 0
[ICAP][DEBUG](icap_send_file.c:336): Add request header: Content-Length: 0
[ICAP][INFO](icap_client.c:374): verdict response: fd=[1275] type = [1], res_code = [0], msg:
[ICAP][DEBUG](icap_send_file.c:336): Add request header: User-Agent: C-ICAP-Client/x.xx
[ICAP][DEBUG](icap_send_file.c:336): Going to add 4 response headers
[ICAP][DEBUG](icap_send_file.c:336): Add resp header: HTTP/1.0 200 OK
[ICAP][DEBUG](icap_send_file.c:336): Add resp header: Date: Wed Sep 25 09:49:35 2024
[ICAP][DEBUG](icap_send_file.c:336): Add resp header: Last-Modified: Wed Sep 25 09:49:35 2024
[ICAP][DEBUG](icap_send_file.c:336): Add resp header: Content-Length: 563972
[ICAP][DEBUG](icap_send_file.c:336): Preview response was with status: 405
[ICAP][DEBUG](icap_send_file.c:336): Done
WireShark Capture:
The ICAP server is not configured properly to accept the POST method as per the capture.
Related documents:
FortiWeb / CLI Reference / Networks Sniffer
FortiWeb / CLI Reference / Packet capture via CLI command
FortiWeb / CLI Reference / System ICAP Server
FortiWeb Documentation
|
