[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

show security nat source rule

Syntax

show security nat source rule
<rule-name>
all

Release Information

Command introduced in Release 9.2 of JUNOS software.

Description

Display information about the specified source Network Address Translation (NAT) rule.

This command is supported on SRX-series devices.

Options

rule-name—Name of the rule.

all—Display information about all the source NAT rule.

Required Privilege Level

view

Related Topics

rule (Source NAT)

List of Sample Output

show security nat source rule r1
show security nat source rule all

Output Fields

Table 78 lists the output fields for the show security nat source rule command. Output fields are listed in the approximate order in which they appear

Table 78: show security nat source rule Output Fields

Field Name

Field Description

Source nat rule

Name of the source NAT rule.

State

Status of the IP address:

  • Active—Denotes that the IP address is in use.
  • Free—IP address is available for allocation.

Index

Rule index number.

From routing instance

Name of the routing instance from which the packet comes.

To routing instance

Name of the routing instance in which packet should reach.

Source address

Name of the source addresses which match the rule. The default value is any.

Destination address

Name of the destination addresses which match the rule. The default value is any.

Destination ports

Destination ports number which match the rule. The default value is any.

Action

The action taken in regard to a packet that matches the rule’s tuples. Actions include the following:

  • off—Do not perform source NAT.
  • source-nat—Use user-defined source NAT pool to perform source NAT
  • interface—Use egress interface's IP address to perform source NAT.

Hit times

Number of times a translation in the translation table is used for a source NAT rule.

Fail times

Number of times a translation in the translation table failed to translate for a source NAT rule.

Total destination nat rule number

Number of destination NAT rules.

Total hit times

Number of times a translation in the translation table is used for all the source NAT rules.

Total fail times

Number of times a translation in the translation table failed to translate for all the source NAT rules.

show security nat source rule r1

user@host> show security nat source rule r1 
    Source nat rule: r1, State: enabled, Index: 4
      From routing instance: ri-2
      To routing instance: ri-1
      Source addresses:
        any: 0.0.0.0/0
      Destination addresses:
        any: 0.0.0.0/0
      Action: source-nat pool s1
      
      Hit times: 22
      Fail times: 2

show security nat source rule all

user@host> show security nat source rule all 
    Total source nat rule number: 2
    Total hit times: 32
    Total fail times: 2

    Source nat rule: r1, State: enabled, Index: 4
      From routing instance: ri-2
      To routing instance: ri-1
      Source addresses:
        any: 0.0.0.0/0
      Destination addresses:
        any: 0.0.0.0/0
      Action: source-nat pool s1
      
      Hit times: 22
      Fail times: 2

    Source nat rule: r2, State: enabled, Index: 5
      From routing instance: ri-2, zone: z3 z4
      To routing instance: ri-1
      Source addresses:
        any: 0.0.0.0/0
      Destination addresses:
        any: 0.0.0.0/0
      Action: source-nat pool s2
      
      Hit times: 10
      Fail times: 0
[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]