show security flow session advanced-anti-malware
Syntax
show security flow session advanced-anti-malware [ brief | extensive | summary ]
Description
Display information about all currently active advanced anti-malware (AAMW) sessions on the device.
Options
| brief | extensive | summary | Display the specified level of output. |
| none | Display information about all active AAMW sessions. |
Required Privilege Level
View
Output Fields
Table 1 lists the
output fields for the show security flow session advanced-anti-malware command. Output fields are listed in alphabetical order.
Field Name |
Field Description |
|---|---|
Application traffic control rule-set |
AppQoS rule set for this session. |
Conn Tag |
A 32-bit connection tag that uniquely identifies the GPRS tunneling protocol, user plane (GTP-U) and the Stream Control Transmission Protocol (STCP) sessions. The connection tag for GTP-U is the tunnel endpoint identifier (TEID) and for SCTP is the vTag. The connection ID remains 0 if the connection tag is not used by the sessions. |
CP Session ID |
Number that identifies the central point session. Use this ID to get more information about the central point session. |
Current timeout |
Remaining time for the session unless traffic exists in the session. |
Dynamic application |
Name of the application. |
Flag |
Internal flag depicting the state of the session, used for debugging purposes. |
In |
Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
Maximum timeout |
Maximum session timeout. |
Policy name |
Policy that permitted the traffic. |
Rule |
AppQoS rule for this session. |
Session ID |
Number that identifies the session. Use this ID to get more information about the session. |
Source NAT pool |
The name of the source pool where NAT is used. |
Start time |
Time when the session was created, offset from the system start time. |
Status |
Session status. |
Timeout |
Idle timeout after which the session expires. |
Total sessions |
Total number of sessions. |
Out |
Reverse flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
Sample Output
- show security flow session advanced-anti-malware
- show security flow session advanced-anti-malware summary
- show security flow session advanced-anti-malware extensive
show security flow session advanced-anti-malware
user@host> show security flow session advanced-anti-malware
node0:
--------------------------------------------------------------------------
Flow Sessions on FPC0 PIC1:
Session ID: 10002664, Policy name: p1/6, State: Backup, Timeout: 14048, Valid
In: 6.0.0.100/1 --> 192.88.99.1/1;ipv6, Conn Tag: 0x0, If: reth0.0, Pkts: 0, Bytes: 0, CP Session ID: 10002826
Out: 192.88.99.1/1 --> 19.255.7.100/27341;ipv6, Conn Tag: 0x0, If: reth2.0, Pkts: 0, Bytes: 0, CP Session ID: 20002505
Session ID: 10002677, Policy name: p1/6, State: Backup, Timeout: 1734, Valid
In: 6.0.0.100/61471 --> 10.155.191.252/53;udp, Conn Tag: 0x0, If: reth0.0, Pkts: 0, Bytes: 0, CP Session ID: 10002839
Out: 10.155.191.252/53 --> 19.255.7.100/26957;udp, Conn Tag: 0x0, If: reth2.0, Pkts: 0, Bytes: 0, CP Session ID: 10002839
Session ID: 10002681, Policy name: p1/6, State: Backup, Timeout: 1758, Valid
In: 6.0.0.100/53578 --> 10.155.191.252/53;udp, Conn Tag: 0x0, If: reth0.0, Pkts: 0, Bytes: 0, CP Session ID: 10002843
Out: 10.155.191.252/53 --> 19.255.7.100/2641;udp, Conn Tag: 0x0, If: reth2.0, Pkts: 0, Bytes: 0, CP Session ID: 20002521
Total sessions: 3
Flow Sessions on FPC0 PIC2:
Total sessions: 0
Flow Sessions on FPC0 PIC3:
Total sessions: 0
node1:
--------------------------------------------------------------------------
Flow Sessions on FPC0 PIC1:
Session ID: 10011868, Policy name: p1/6, State: Active, Timeout: 1758, Valid
In: 6.0.0.100/1 --> 192.88.99.1/1;ipv6, Conn Tag: 0x0, If: reth0.0, Pkts: 3, Bytes: 204, CP Session ID: 10011941
Out: 192.88.99.1/1 --> 19.255.7.100/27341;ipv6, Conn Tag: 0x0, If: reth2.0, Pkts: 0, Bytes: 0, CP Session ID: 20002763
Session ID: 10011931, Policy name: p1/6, State: Active, Timeout: 12, Valid
In: 6.0.0.100/53578 --> 10.155.191.252/53;udp, Conn Tag: 0x0, If: reth0.0, Pkts: 5, Bytes: 310, CP Session ID: 10012001
Out: 10.155.191.252/53 --> 19.255.7.100/2641;udp, Conn Tag: 0x0, If: reth2.0, Pkts: 0, Bytes: 0, CP Session ID: 20002786
Total sessions: 2
Flow Sessions on FPC0 PIC2:
Total sessions: 0
Flow Sessions on FPC0 PIC3:
Total sessions: 0
{primary:node0}
show security flow session advanced-anti-malware summary
user@host> show security flow session advanced-anti-malware summary
node0:
--------------------------------------------------------------------------
Flow Sessions on FPC0 PIC1:
Valid sessions: 3
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 3
Flow Sessions on FPC0 PIC2:
Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0
Flow Sessions on FPC0 PIC3:
Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0
node1:
--------------------------------------------------------------------------
Flow Sessions on FPC0 PIC1:
Valid sessions: 3
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 3
Flow Sessions on FPC0 PIC2:
Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0
Flow Sessions on FPC0 PIC3:
Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0
{primary:node0}
show security flow session advanced-anti-malware extensive
user@host> show security flow session advanced-anti-malware extensive
node0:
--------------------------------------------------------------------------
Flow Sessions on FPC0 PIC1:
Session ID: 10002664, Status: Normal, State: Backup
Flags: 0x10000000/0x0/0x103
Policy name: p1/6
Source NAT pool: interface
Dynamic application: INCONCLUSIVE,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 1800, Current timeout: 14184
Session State: Valid
Start time: 76795, Duration: 226
In: 6.0.0.100/1 --> 192.88.99.1/1;ipv6,
Conn Tag: 0x0, Interface: reth0.0,
Session token: 0x7, Flag: 0x60000621
Route: 0x86153c2, Gateway: 6.0.0.100, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 0, Bytes: 0
CP Session ID: 10002826
Out: 192.88.99.1/1 --> 19.255.7.100/27341;ipv6,
Conn Tag: 0x0, Interface: reth2.0,
Session token: 0x6, Flag: 0x60000620
Route: 0x860b3c2, Gateway: 19.255.254.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 0, Bytes: 0
CP Session ID: 20002505
Total sessions: 1
Flow Sessions on FPC0 PIC2:
Total sessions: 0
Flow Sessions on FPC0 PIC3:
Total sessions: 0
node1:
--------------------------------------------------------------------------
Flow Sessions on FPC0 PIC1:
Session ID: 10011868, Status: Normal, State: Active
Flags: 0x8000002/0x8000000/0x103
Policy name: p1/6
Source NAT pool: interface
Dynamic application: INCONCLUSIVE,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 1800, Current timeout: 1576
Session State: Valid
Start time: 76756, Duration: 225
In: 6.0.0.100/1 --> 192.88.99.1/1;ipv6,
Conn Tag: 0x0, Interface: reth0.0,
Session token: 0x7, Flag: 0x40002621
Route: 0x86173c2, Gateway: 6.0.0.100, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 68
CP Session ID: 10011941
Out: 192.88.99.1/1 --> 19.255.7.100/27341;ipv6,
Conn Tag: 0x0, Interface: reth2.0,
Session token: 0x6, Flag: 0x60002620
Route: 0x860d3c2, Gateway: 19.255.254.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 0, Bytes: 0
CP Session ID: 20002763
Total sessions: 1
Flow Sessions on FPC0 PIC2:
Total sessions: 0
Flow Sessions on FPC0 PIC3:
Total sessions: 0
{primary:node0}
Release Information
Command introduced in Junos OS Release 15.1X49-D40.