Monitoring Stateful Firewalls
Monitoring Stateful Firewall Conversations
Purpose
Use the show services stateful-firewall conversations command to show conversations, or collections of related flows.
Action
user@host# show services stateful-firewall conversations Interface: sp-0/0/0, Service set: sset Conversation: ALG protocol: tcp Number of initiators: 1, Number of responders: 1 Flow State Dir Frm count TCP 10.0.0.1:1025 -> 128.0.0.1:80 Forward I 372755 NAT source 10.0.0.1:1025 -> 129.0.0.1:1024 Softwire 2001:0:0:1::1 -> 1001::1 TCP 128.0.0.1:80 -> 129.0.0.1:1024 Forward O 794083 NAT dest 129.0.0.1:1024 -> 10.0.0.1:1025 Softwire 2001:0:0:1::1 -> 1001::1
Monitoring Global Stateful Firewall Statistics
Purpose
Use the show services stateful-firewall statistics command to observe statistics for service sets containing softwire
rules.
Action
user@host# show services stateful-firewall statistics Interface Service set Accept Discard Reject Errors sp-0/0/0 dslite-svc-set2 118991296 0 0 0 sp-0/1/0 dslite-svc-set1 237615050 0 0 0