show security advance-policy-based-routing detail
Syntax
show security advance-policy-based-routing detail
Description
Display a summary of all APBR policies configured on the device.
You can use this command to understand the details of an APBR policy such as:
Name, status, zone-context of the APBR policy.
The number of times traffic matches the APBR policy and the APBR profile is applied for a session.
You can use the show security advance-policy-based-routing detail command
only when you have configured advanced policy-based routing (APBR) profile with the APBR
policy. You might not get the accurate results if you have an APBR profile attached the
security zone.
Options
| count | Display the number of configured APBR policies.
|
| detail | Display a detailed view of all of the APBR policies configured on the device. |
| from-zone | Display specific zone details applicable to the APBR policy. |
| logical-system | Displaythe logical system name. |
| root-logical-system | Display information about the default root-logical-system. |
| start | Display the policy from the given position.
|
Required Privilege Level
view
Output Fields
Table 1 lists
the output fields for the show security advance-policy-based-routing
detail command. Output fields are listed in the approximate
order in which they appear.
Field Name |
Field Description |
|---|---|
Policy name |
Name of the APBR policy |
Enabled |
Status of the policy (enabled or disabled) |
Policy type |
Type of the policy. |
Index |
An internal number associated with the policy. |
Sequence number |
Number of the policy within a given context. For example, three policies that are applicable in a from-zone A-to-zone B context might be ordered with sequence numbers 1, 2, and 3. Also, in a from-zone C-to-zone D context, four policies might have sequence numbers 1, 2, 3, and 4. |
From zone |
The zone on which APBR profile is applied to. |
Source addresses |
The names and corresponding IP addresses of the source addresses for a policy. Address sets are resolved to their individual address name-IP address pairs. |
Destination addresses |
The names and corresponding IP addresses of the destination addresses (or address sets) for a policy as entered in the destination zone’s address book. A packet’s destination address must match one of these addresses for the policy to apply to it. |
Application |
Name of a preconfigured or custom application, or any if no application is specified. |
ALG |
If an ALG is associated with the session, the name of the ALG. Otherwise, 0. |
protocol |
Protocol name or numeric value of the traffic. |
Inactivity timeout |
Elapsed time without activity after which the application is terminated. |
Source port range |
Range of matching source ports defined in the policy. |
Destination port range |
Range of matching destination ports defined in the policy. |
APBR-Profile |
Name of the APBR profile |
Source identities |
User details specified in the source-identity field of the named policy. |
Scheduler name |
Name of the scheduler associated with APBR policy. |
Sample Output
show security advance-policy-based-routing statistics
user@host> show security advance-policy-based-routing detail Policy: SLA1, State: enabled, Index: 5 Policy Type: Configured Sequence number: 1 From zone: trust Source addresses: any-ipv4(global): 0.0.0.0/0 any-ipv6(global): ::/0 Destination addresses: any-ipv4(global): 0.0.0.0/0 any-ipv6(global): ::/0 Application: any IP protocol: 0, ALG: 0, Inactivity timeout: 0 Source port range: [0-0] Destination port range: [0-0] APBR-Profile: profile1 Scheduler name: scheduler-1
Sample Output
show security advanced-policy-based-routing detail (Junos OS Release 19.1R1)
user@host> show security advanced-policy-based-routing detail
Policy: p1, State: enabled, Index: 4
Sequence number: 1
From zone: trust
Source addresses:
any-ipv4(global): 0.0.0.0/0
any-ipv6(global): ::/0
Destination addresses:
any-ipv4(global): 0.0.0.0/0
any-ipv6(global): ::/0
Application: any
IP protocol: 0, ALG: 0, Inactivity timeout: 0
Source port range: [0-0]
Destination port range: [0-0]
APBR Profile: apbr-pr1
Source identities:
dev_user
Release Information
Command introduced in Junos OS Release 15.1X49-D60. The option scheduler is added in Junos OS Release 18.4R1.