Read/Write admin can't use SNOOP DETAIL

Article ID: KB11320 KB Last Updated: 11 Aug 2010 Version: 3.0
Summary:
'snoop detail' option is missing
Symptoms:
In ScreenOS 5.3 or earlier, the CLI commands 'snoop' and 'snoop detail' are available to all root administrators as well as read/write administrators.

In ScreenOS 5.4 or later, by default, only the root administrators can run 'snoop detail'.
When an administrator other than the root admin attempts to run the command 'snoop detail', it reports 'unknown keyword detail':
fw-> snoop detail
           ^--------unknown keyword detail

NOTE: The other snoop command options are available to other admins. Only the snoop detail option is restricted.

fw-> snoop ?
<return>
filter               snoop filter configuration
info                 show snoop information
off                  turn off snoop


 
Solution:
In ScreenOS 5.4 or later, a boot-time environment variable, 'allow_snoop_detail_by_all', has been introduced to control the behavior of 'snoop detail'.
By default, only the Root administrator is permitted to use 'snoop detail'.

To allow read/write administrators to run 'snoop detail', the root administrator can set or unset the environment variable.
After 'set envar allow_snoop_detail_by_all=yes' is set and the firewall is rebooted, read/write administrators are permitted to use 'snoop detail'.
The command 'unset envar allow_snoop_detail_by_all', followed by a reboot, changes the firewall back to the default behavior.
If the environment variable is set to 'yes', the following message is displayed on the console during initialization: 'allow_snoop_detail_by_all is enabled.'