Sophos SG Live connections ......

Check astaro-useful-shell-commands:

https://community.sophos.com/products/unified-threat-management/f/general-discussion/21326/astaro-useful-shell-commands/54691?pi2132219853=5#pi2132219853=1

this may help:

Concurrent Connections:
sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=86400

Hi Sir Dirkkotte,

Good Day

How can i Access shell on sophos SG

I keep login as loginuser/admin but then I think Sophos SG always denies my request.

Thank you. 

It's not admin, Kunkka, it's root.

Cheers - Bob

Hi Sir Balfson,

Sorry for the wrong information, btw, Yes it is root......

but then sophos sg appliance always denies my requests,..!

Hi,

Refer the KBA here, follow the steps and get a green signal to the UTM's shell. :)

Then user the following command to check the concurrent connection in the SG.

sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=86400

Hope that helps.

Hi sachin, hi dirkkotte, the sysctl parameter is used for tuning kernel parameters in linux. That entry will change the tcp connection timeout in the kernel https://www.kernel.org/doc/Documentation/networking/nf_conntrack-sysctl.txt . iftop will probably work for what the OP is asking for and will display current bandwidth usage simlar to what XG shows in the GUI.

Here is a thread on why people wanted to change the tcp connection timeout due to problems with old v8 with proxy if I remember correctly https://community.sophos.com/products/unified-threat-management/f/general-discussion/21386/set-tcp-connection-timeout and one of the older astaro devs shows how to change different kernel parameters using cc which will survive a reboot in this post https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/40331/persistent-change-of-ip_conntrack_udp_timeout/139085#139085 

Hi sachin, hi dirkkotte, the sysctl parameter is used for tuning kernel parameters in linux. That entry will change the tcp connection timeout in the kernel https://www.kernel.org/doc/Documentation/networking/nf_conntrack-sysctl.txt . iftop will probably work for what the OP is asking for and will display current bandwidth usage simlar to what XG shows in the GUI.

Here is a thread on why people wanted to change the tcp connection timeout due to problems with old v8 with proxy if I remember correctly https://community.sophos.com/products/unified-threat-management/f/general-discussion/21386/set-tcp-connection-timeout and one of the older astaro devs shows how to change different kernel parameters using cc which will survive a reboot in this post https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/40331/persistent-change-of-ip_conntrack_udp_timeout/139085#139085