show security flow gate protocol
Syntax
show security flow gate protocol protocol-name [brief | summary]
Description
Display information about temporary openings known as pinholes or gates in the security firewall for the specified protocol.
Options
protocol-name —Protocol to use as a gate filter. Information about gates that use this protocol is displayed.
Possible protocols are:
ah—IP Security Authentication Header
egp—Exterior gateway protocol
esp—IPsec Encapsulating Security Payload
gre—Generic routing encapsulation
icmp—Internet Control Message Protocol
icmp6—Internet Control Message Protocol
igmp—Internet Group Management Protocol
ipip—IP over IP
ospf—Open Shortest Path First
pim—Protocol Independent Multicast
rsvp—Resource Reservation Protocol
sctp—Stream Control Transmission Protocol
tcp—Transmission Control Protocol
udp—User Datagram Protocol
brief | summary—Display the specified level of output.
Required Privilege Level
view
Output Fields
Table 1 lists
the output fields for the show security flow gate protocol command. Output fields are listed in the approximate order in which
they appear.
Field Name |
Field Description |
|---|---|
Hole |
Range of flows permitted by the pinhole. |
Translated |
Tuples used to create the session if it matches the pinhole.
|
Protocol |
Application protocol, such as UDP or TCP. |
Application |
Name of the application. |
Age |
Idle timeout for the pinhole. |
Flags |
Internal debug flags for the pinhole. |
Zone |
Incoming zone. |
Reference count |
Number of resource manager references to the pinhole. |
Resource |
Resource manager information about the pinhole. |
Valid gates |
Number of valid gates. |
Pending gates |
Number of pending gates. |
Invalidated gates |
Number of invalid gates. |
Gates in other states |
Number of gates in other states. |
Total gates |
Number of gates in total. |
Sample Output
show security flow gate protocol brief
root> root> show security flow gate protocol tcp brief Hole: 203.0.113.1-40.0.0.111/0-0->192.0.2.1-192.0.2.1/37308-37308 Translated: 203.0.113.1/0->30.0.0.100/37308 Protocol: tcp Application: FTP ALG/79 Age: 65414 seconds Flags: 0x0080 Zone: trust Reference count: 1 Resource: 1-24575-86015 Valid gates: 1 Pending gates: 0 Invalidated gates: 0 Gates in other states: 0 Total gates: 1 Flow Gates on FPC5 PIC0: Valid gates: 0 Pending gates: 0 Invalidated gates: 0 Gates in other states: 0 Total gates: 0 Flow Gates on FPC5 PIC1: Valid gates: 0 Pending gates: 0 Invalidated gates: 0 Gates in other states: 0 Total gates: 0
show security flow gate protocol summary
root> show security flow gate protocol tcp summary Flow Gates on FPC4 PIC1: Valid gates: 1 Pending gates: 0 Invalidated gates: 0 Gates in other states: 0 Total gates: 1 Flow Gates on FPC5 PIC0: Valid gates: 0 Pending gates: 0 Invalidated gates: 0 Gates in other states: 0 Total gates: 0 Flow Gates on FPC5 PIC1: Valid gates: 0 Pending gates: 0 Invalidated gates: 0 Gates in other states: 0 Total gates: 0
Release Information
Command introduced in Junos OS Release 10.2.