Juniper Networks J-Series Network Router User Manual


  Open as PDF
of 332
 
Table 70: Summary of Key Stateful Firewall Statistics Output Fields (continued)
ValuesField
Number of protocol errors detected:
IPNumber of IPv4 errors (for example, Minimum IP header length check failures).
TCPNumber of TCP errors (for example, Source or destination port number is zero).
UDPNumber of UDP errors (for example, IP data length less than minimum UDP header length
(8 bytes)).
ICMPNumber of ICMP errors (for example, Duplicate ping sequence number).
Non-IP PacketsNumber of errors in packets that are not IPv4 packets.
ALGNumber of application-level gateway (ALG) errors.
For a complete list of protocol errors that are counted, see the description of the show services
stateful-firewall statistics command in the JUNOS System Basics and Services Command Reference.
Errors
Monitoring Stateful Firewall Filters
To view stateful firewall filter information in the J-Web interface, select
Monitor>Firewall>Stateful Firewall. To display stateful firewall filter information
for a particular address prefix, port, or other characteristic, type or select information
in one or more of the Narrow Search boxes, and click OK.
Alternatively, enter the following CLI show commands:
show services stateful-firewall conversations
show services stateful-firewall flows
Table 71 on page 138 summarizes key output fields for stateful firewall filters.
Table 71: Summary of Key Stateful Firewall Filters Output Fields
ValuesField
Protocol used for the specified stateful firewall flow.Protocol
Source prefix of the stateful firewall flow.Source IP
Source port number of stateful firewall flow.Source Port
Destination prefix of the stateful firewall flow.Destination IP
Destination port number of the stateful firewall flow.Destination Port
Status of the stateful firewall flow:
DropDrop all packets in the flow without response.
ForwardForward the packet in the flow without inspecting it.
RejectDrop all packets in the flow with response.
WatchInspect packets in the flow.
Flow State
138 Using the Monitoring Tools
J-series Services Router Administration Guide
 previous next