show security flow cp-session protocol
Syntax
show security flow cp-session protocol protocol-name [summary | terse]
Description
Display central point session-related flow information for the specified protocol.This command is supported on the SRX1500, SRX5400, SRX5600, and SRX5800 devices and vSRX Virtual Firewall.
Options
protocol-name —Protocol to use as a central point session filter. Information about the central point session that uses this protocol is displayed.
Possible protocols are:
ah—IP Security Authentication Header
egp—Exterior gateway protocol
esp—IPsec Encapsulating Security Payload
gre—Generic routing encapsulation
icmp—Internet Control Message Protocol
icmp6—Internet Control Message Protocol
igmp—Internet Group Management Protocol
ipip—IP over IP
ospf—Open Shortest Path First
pim—Protocol Independent Multicast
rsvp—Resource Reservation Protocol
sctp—Stream Control Transmission Protocol
tcp—Transmission Control Protocol
udp—User Datagram Protocol
summary | terse–Display the specified level of output.
Required Privilege Level
view
Output Fields
Table 1 lists the output fields for the show security flow cp-session protocol command. Output fields are listed in the approximate order
in which they appear.
Field Name |
Field Description |
|---|---|
Valid gates |
Number of valid central point sessions. |
Pending gates |
Number of pending central point sessions. |
Invalidated gates |
Number of invalid central point sessions. |
Gates in other states |
Number of central point sessions in other states. |
Total gates |
Number of central point sessions in total. |
Session ID |
Number that identifies the session. Use this ID to get more information about the session. |
SPU |
Services Processing Unit. |
In |
Incoming flow (source and destination IP addresses). |
Out |
Reverse flow (source and destination IP addresses). |
Sample Output
show security flow cp-session protocol summary
root> show security flow cp-session protocol tcp summary DCP Flow Sessions on FPC10 PIC0: Valid sessions: 0 Pending sessions: 0 Invalidated sessions: 0 Sessions in other states: 0 Total sessions: 0 DCP Flow Sessions on FPC10 PIC1: Valid sessions: 0 Pending sessions: 0 Invalidated sessions: 0 Sessions in other states: 0 Total sessions: 0 DCP Flow Sessions on FPC10 PIC2: Valid sessions: 0 Pending sessions: 0 Invalidated sessions: 0 Sessions in other states: 0 Total sessions: 0 DCP Flow Sessions on FPC10 PIC3: Valid sessions: 1 Pending sessions: 0 Invalidated sessions: 0 Sessions in other states: 0 Total sessions: 1
show security flow cp-session protocol terse
root> show security flow cp-session protocol tcp terse Session ID: 160000015, SPU: 17, Valid In: 203.0.113.9/32838 --> 198.51.100.26/21;tcp, Out: 198.51.100.26/21 --> 203.0.113.2/32838;tcp, Total sessions: 1
Release Information
Command introduced in Junos OS Release 10.2.