Who rated this post

In general there are two primary areas of debugging: Process Space and Kernel Space.  An SMS will only have debugs available in Process Space, while a gateway can have debugging active in Kernel Space and/or Process Space.  Kernel Space debugs are far more likely to cause gateway performance or stability effects if they get into a runaway state.

For kernel debugs you can see what debug flags are currently set with these commands: 

fw ctl debug

sim dbg list (R80.20+ - fwaccel dbg list)

To reset kernel debugs to default:

fw ctl debug 0

sim dbg resetall (R80.20+ - fwaccel dbg resetall)

Note: for SecureXL debugs (sim/fwaccel) it is extremely important to set a very specific filter with the -f option or the chances of cratering the system with a runaway debug are very high.

Because there are so many different tools and techniques for initiating Process Space debugs, figuring out if one is active is much more difficult.  Probably the best approach would be to run these commands and look for *.elg files rapidly increasing in size where the process debug files are typically written, and whether they are quickly being rotated (i.e. fwd.elg, fwd.elg.1, fwd.elg.2):

watch ls -ltr $FWDIR/log/*.elg

watch ls -ltr $CPDIR/log/*.elg

--
"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com