
Commands to Help Troubleshoot Routing/Policies

Are there any commands to help with debugging routing and policies? For example, my pings are not going through to host A. On a FortiGate I can use "diag debug" with a filter for the IP, and it will give me information on whether there is no route to the host or a policy is blocking it.

Are there any commands to do something similar?

 

Here is an example on the FortiGate:

3.1 - The following is an example of debug flow output for traffic that has got no matching Firewall Policy, hence blocked by the FortiGate:


id=20085 trace_id=319 func=resolve_ip_tuple_fast line=2825 msg="vd-root received a packet(proto=6, 192.168.129.136:2854->192.168.96.153:1863) from port3."
id=20085 trace_id=319 func=resolve_ip_tuple line=2924 msg="allocate a new session-013004ac"
id=20085 trace_id=319 func=vf_ip4_route_input line=1597 msg="find a route: gw-192.168.150.129 via port1"
id=20085 trace_id=319 func=fw_forward_handler line=248 msg=" Denied by forward policy check"
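
As an added example (not part of the original post and not Fortinet code), the Python sketch below groups debug flow lines by trace_id and reports whether a route was found and whether the forward policy check denied the packet. It recognizes only the three message forms quoted above; the function names are hypothetical.

```python
import re

# Sample input: the four debug flow lines quoted in the post above.
SAMPLE = r'''
id=20085 trace_id=319 func=resolve_ip_tuple_fast line=2825 msg="vd-root received a packet(proto=6, 192.168.129.136:2854->192.168.96.153:1863) from port3."
id=20085 trace_id=319 func=resolve_ip_tuple line=2924 msg="allocate a new session-013004ac"
id=20085 trace_id=319 func=vf_ip4_route_input line=1597 msg="find a route: gw-192.168.150.129 via port1"
id=20085 trace_id=319 func=fw_forward_handler line=248 msg=" Denied by forward policy check"
'''

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value, value may be quoted
PACKET = re.compile(r'received a packet\(proto=(\d+), ([\d.]+):(\d+)->([\d.]+):(\d+)\) from (\S+?)\.?$')
ROUTE = re.compile(r'find a route: gw-([\d.]+) via (\S+)')
DENY = "Denied by forward policy check"

def summarize(text):
    """Return {trace_id: summary} built from debug flow lines (hypothetical helper)."""
    traces = {}
    for line in text.splitlines():
        f = {k: v.strip('"').strip() for k, v in FIELD.findall(line)}
        if "trace_id" not in f or "msg" not in f:
            continue  # not a debug flow line
        t = traces.setdefault(f["trace_id"],
                              {"packet": None, "route": None, "denied_at": None})
        if m := PACKET.search(f["msg"]):
            proto, src, sport, dst, dport, iface = m.groups()
            t["packet"] = {"proto": int(proto), "src": src, "sport": int(sport),
                           "dst": dst, "dport": int(dport), "ingress": iface}
        if m := ROUTE.search(f["msg"]):
            t["route"] = {"gateway": m.group(1), "egress": m.group(2)}
        if DENY in f["msg"]:
            t["denied_at"] = f"{f.get('func')}:{f.get('line')}"  # where the drop was logged
    return traces

def diagnose(summary):
    """Separate the two cases the post asks about: routing versus policy."""
    if summary["denied_at"]:
        where = "route found, " if summary["route"] else "no route line seen, "
        return where + "blocked by forward policy check"
    if summary["route"] is None:
        # Assumption: a trace with no 'find a route' line needs a routing check first.
        return "no route line seen in trace"
    return "route found, no policy denial in trace"

if __name__ == "__main__":
    for trace_id, s in summarize(SAMPLE).items():
        print(trace_id, s["packet"], s["route"], diagnose(s))
```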

 

