Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

show firewall log

Syntax

show firewall log <detail><interface interface-name><logical-system (logical-system-name | all)>

Syntax (EX Series Switches)

show firewall log <detail><interface interface-name>

Release Information

Command introduced before Junos OS Release 7.4.

Command introduced in Junos OS Release 9.0 for EX Series switches.

logical-system option introduced in Junos OS Release 9.3.

Description

Display log information about firewall filters.

Options

none

Display log information about firewall filters.

detail

(Optional) Display detailed information.

interface interface-name

(Optional) Display log information about a specific interface.

logical-system (logical-system-name | all)

(Optional) Perform this operation on all logical systems or on a particular system.

Required Privilege Level

view

List of Sample Output

show firewall log
show firewall log detail

Output Fields

Table 1 lists the output fields for the show firewall log command. Output fields are listed in the approximate order in which they appear.

Table 1: show firewall log Output Fields

Field Name

Field Description

Time of Log

Time that the event occurred.

Filter

Name of a filter that has been configured with the filter statement at the [edit firewall] hierarchy level.

  • A hyphen (-) indicates that the packet was handled by the Packet Forwarding Engine.
  • A space (no hyphen) indicates the packet was handled by the Routing Engine.
  • The notation pfe indicates packets logged by the Packet Forwarding Engine hardware filters.

Filter Action

Filter action:

  • A—Accept
  • D—Discard
  • R—Reject

Name of Interface

Ingress interface for the packet.

Name of protocol

Packet’s protocol name: egp, gre, icmp, ipip, ospf, pim, rsvp, tcp, or udp.

Packet length

Length of the packet.

Source address

Packet’s source address.

Destination address

Packet’s destination address and port.

Sample Output

show firewall log

user@host>show firewall log
Time      Filter    Action Interface     Protocol  Src Addr      Dest Addr       
13:10:12  pfe       D      rlsq0.902     ICMP      180.1.177.2   180.1.177.1                   
13:10:11  pfe       D      rlsq0.902     ICMP      180.1.177.2   180.1.177.1

show firewall log detail

user@host> show firewall log detail
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of 
interface: fxp0.0Name of protocol: TCP, Packet Length: 50824, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 1020, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
....

Published: 2013-04-10

Supported Platforms

Published: 2013-04-10

Previous Page Next Page