Juniper SRX: session-related commands
When you run a firewall you inevitably want to check that traffic is actually flowing through it, so here are my notes.
Command notes
```text
show security flow session
Possible completions:
  <[Enter]>                      Execute this command
  application                    Application protocol name
  application-firewall           Show application-firewall sessions
  application-firewall-rule-set  Show application-firewall session by rule-set
  brief                          Show brief output (default)
  destination-port               Destination port (1..65535)
  destination-prefix             Destination IP prefix or address
  dynamic-application            Dynamic application name
  dynamic-application-group      Dynamic application group name
  extensive                      Show detailed output
  family                         Protocol family
  idp                            IDP sessions
  interface                      Name of incoming or outgoing interface
  nat                            Sessions with network address translation
  protocol                       IP protocol number
  resource-manager               Sessions with resource manager
  session-identifier             Show session with specified session identifier
  source-port                    Source port (1..65535)
  source-prefix                  Source IP prefix or address
  summary                        Show output summary
  tunnel                         Tunnel sessions
  |                              Pipe through a command
```
```text
show security flow session
node0:
--------------------------------------------------------------------------
Session ID: 115, Policy name: xxxxx, State: Active, Timeout: 1766, Valid
  In: xx.xx.xx.xx/57050 --> xx.xx.xx.xx/5073;tcp, If: reth0.0, Pkts: 106939, Bytes: 9412714
  Out: xx.xx.xx.xx/5073 --> xx.xx.xx.xx/57050;tcp, If: reth1.0, Pkts: 92082, Bytes: 71627805
Session ID: 118, Policy name: xxxxx, State: Active, Timeout: 8, Valid
  In: xx.xx.xx.xx/37123 --> xx.xx.xx.xx/161;udp, If: reth0.0, Pkts: 52, Bytes: 7354
  Out: xx.xx.xx.xx/161 --> xx.xx.xx.xx/59284;udp, If: reth1.0, Pkts: 52, Bytes: 8221
```
(rest of the output omitted)
Filtering by Src/Dst and similar
Filter the output so that only the sessions you need are shown.
```text
show security flow session source-prefix xx.xx.xx.xx destination-prefix xx.xx.xx.xx
node0:
--------------------------------------------------------------------------
Session ID: 447495, Policy name: xxxxx, State: Active, Timeout: 16, Valid
  In: xx.xx.xx.xx/48291 --> xx.xx.xx.xx/80;tcp, If: reth0.0, Pkts: 2, Bytes: 120
  Out: xx.xx.xx.xx/80 --> xx.xx.xx.xx/48291;tcp, If: reth1.0, Pkts: 0, Bytes: 0
Total sessions: 1

node1:
--------------------------------------------------------------------------
Session ID: 19666, Policy name: xxxxx/39, State: Backup, Timeout: 14400, Valid
  In: xx.xx.xx.xx/48291 --> xx.xx.xx.xx/80;tcp, If: reth0.0, Pkts: 0, Bytes: 0
  Out: xx.xx.xx.xx/80 --> xx.xx.xx.xx/48291;tcp, If: reth1.0, Pkts: 0, Bytes: 0
Total sessions: 1
```
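The session listings above are easy to read one at a time but awkward to check across hundreds of sessions, so here is an added example (not part of the original post) that parses this output format into Python dicts, keeps track of which cluster node printed each session, and flags Active sessions whose Out wing has carried no packets, like the port-80 session above where the request was forwarded but nothing has come back. The sample output, the RFC 5737 addresses and the policy name are constructed; only the line format comes from the post.

```python
import re
# Constructed sample in the "show security flow session" format shown above
# (RFC 5737 documentation addresses, placeholder policy name).
SAMPLE_OUTPUT = """\
node0:
--------------------------------------------------------------------------
Session ID: 447495, Policy name: trust-to-dmz/39, State: Active, Timeout: 16, Valid
  In: 192.0.2.10/48291 --> 198.51.100.5/80;tcp, If: reth0.0, Pkts: 2, Bytes: 120
  Out: 198.51.100.5/80 --> 192.0.2.10/48291;tcp, If: reth1.0, Pkts: 0, Bytes: 0
Session ID: 447496, Policy name: trust-to-dmz/39, State: Active, Timeout: 1766, Valid
  In: 192.0.2.11/57050 --> 198.51.100.5/5073;tcp, If: reth0.0, Pkts: 106939, Bytes: 9412714
  Out: 198.51.100.5/5073 --> 192.0.2.11/57050;tcp, If: reth1.0, Pkts: 92082, Bytes: 71627805
Total sessions: 2

node1:
--------------------------------------------------------------------------
Session ID: 19666, Policy name: trust-to-dmz/39, State: Backup, Timeout: 14400, Valid
  In: 192.0.2.10/48291 --> 198.51.100.5/80;tcp, If: reth0.0, Pkts: 0, Bytes: 0
  Out: 198.51.100.5/80 --> 192.0.2.10/48291;tcp, If: reth1.0, Pkts: 0, Bytes: 0
Total sessions: 1
"""

SESSION_RE = re.compile(r"Session ID: (?P<sid>\d+), Policy name: (?P<policy>[^,]+), "
                        r"State: (?P<state>\w+), Timeout: (?P<timeout>\d+)")
WING_RE = re.compile(r"(?P<dir>In|Out): (?P<src>\S+)/(?P<sport>\d+) --> (?P<dst>\S+)/(?P<dport>\d+);"
                     r"(?P<proto>\w+), If: (?P<ifname>\S+), Pkts: (?P<pkts>\d+), Bytes: (?P<nbytes>\d+)")

def parse_flow_sessions(text):
    """Return one dict per session, with the printing cluster node and its In/Out wings."""
    sessions, node, current = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if re.fullmatch(r"node\d+:", line):        # chassis-cluster node header
            node = line[:-1]
        elif (m := SESSION_RE.match(line)):
            current = {"node": node, "sid": int(m["sid"]), "policy": m["policy"],
                       "state": m["state"], "timeout": int(m["timeout"]), "wings": {}}
            sessions.append(current)
        elif (m := WING_RE.match(line)) and current is not None:
            wing = m.groupdict()
            for key in ("sport", "dport", "pkts", "nbytes"):
                wing[key] = int(wing[key])
            current["wings"][wing.pop("dir")] = wing
    return sessions

def half_open_sessions(sessions):
    """Active sessions whose reverse (Out) wing never carried a packet: the request matched
    a policy and was forwarded, so check the server or return path rather than the policy."""
    return [s for s in sessions
            if s["state"] == "Active" and s["wings"].get("Out", {}).get("pkts") == 0]
```

Backup-state sessions on the other cluster node always show zero packets, which is why the check is restricted to Active sessions.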