Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

show firewall log

Syntax

show firewall log <detail><interface interface-name><logical-system (logical-system-name | all)>

Syntax (EX Series Switches)

show firewall log <detail><interface interface-name>

Release Information

Command introduced before Junos OS Release 7.4.

Command introduced in Junos OS Release 9.0 for EX Series switches.

logical-system option introduced in Junos OS Release 9.3.

Description

Display log information about firewall filters.

Options

none

Display log information about firewall filters.

detail

(Optional) Display detailed information.

interface interface-name

(Optional) Display log information about a specific interface.

logical-system (logical-system-name | all)

(Optional) Perform this operation on all logical systems or on a particular system.

Required Privilege Level

view

List of Sample Output

show firewall log
show firewall log detail

Output Fields

Table 1 lists the output fields for the show firewall log command. Output fields are listed in the approximate order in which they appear.

Table 1: show firewall log Output Fields

Field Name

Field Description

Time of Log

Time that the event occurred.

Filter

  • Displays the name of a configured firewall filter or service filter only if the packet hit the filter’s log action in a kernel filter (in the control plane). For any traffic that reaches the Routing Engine, the packets hit the log action in the kernel.
  • For all other logged packets (packet hit the filter’s log action in the Packet Forwarding Engine), this field displays pfe instead of a configured filter name.

Filter Action

Filter action:

  • A—Accept
  • D—Discard
  • R—Reject

Name of Interface

  • Displays a physical interface name if the packet arrived at a port on a line card.
  • Displays local if the packet was generated by the device's internal Ethernet interface, em1 or fxp1, which connects the Routing Engine with the router’s packet-forwarding components.

Name of protocol

Packet’s protocol name: egp, gre, icmp, ipip, ospf, pim, rsvp, tcp, or udp.

Packet length

Length of the packet.

Source address

Packet’s source address.

Destination address

Packet’s destination address and port.

Sample Output

show firewall log

user@host>show firewall log
Time      Filter    Action Interface     Protocol  Src Addr      Dest Addr       
13:10:12  pfe       D      rlsq0.902     ICMP      180.1.177.2   180.1.177.1                   
13:10:11  pfe       D      rlsq0.902     ICMP      180.1.177.2   180.1.177.1

show firewall log detail

user@host> show firewall log detail
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of 
interface: fxp0.0Name of protocol: TCP, Packet Length: 50824, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 1020, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
Time of Log: 2004-10-13 10:37:17 PDT, Filter: f, Filter action: accept, Name of interface: fxp0.0
Name of protocol: TCP, Packet Length: 49245, Source address: 172.17.22.108:829, 
Destination address: 192.168.70.66:513
....

Published: 2014-04-24

Supported Platforms

Published: 2014-04-24

Previous Page Next Page