show security flow session family
语法
show security flow session family (inet | inet6) [brief | extensive | summary]
描述
显示有关现有会话的信息摘要,包括会话类型、活动会话和失败会话以及允许的最大会话数。
选项
inet—显示 IPv4 会话的详细信息摘要。inet6— 显示 IPv6 会话的详细信息摘要。简单|广泛的|汇总– 显示指定的输出级别。
所需的权限级别
视图
输出字段
表 1 列出了 命令的输出 show security flow session family 字段。输出字段按其出现的大致顺序列出。
字段名称 |
字段说明 |
|---|---|
|
标识会话的编号。使用此 ID 可获取有关会话详细信息。 |
|
允许信息流的策略。 |
|
空闲超时后,会话到期。 |
|
传入流(源和目标 IP 地址、应用程序协议、接口、会话令牌、路由、网关、隧道、端口序列、FIN 序列、FIN 状态、数据包和字节)。 |
|
反向流(源和目标 IP 地址、应用程序协议、接口、会话令牌、路由、网关、隧道、端口序列、FIN 序列、FIN 状态、数据包和字节)。 |
|
会话总数。 |
|
会话状态。 |
|
描述会话状态的内部标志,用于调试。 |
|
第一个会话数据包匹配的策略的名称和 ID。 |
|
使用源池的NAT名称。 |
|
应用程序名称。 |
|
最大会话超时时间。 |
|
会话的剩余时间,除非会话中存在信息流。 |
|
会话状态。 |
|
创建会话的时间,与系统启动时间所偏差。 |
|
单播会话数。 |
|
组播会话数。 |
|
发生故障的会话数。 |
|
使用的会话数。
|
|
最大会话数。 |
示例输出
- 显示安全流会话系列 inet
- show security flow session family inet brief
- show security flow session family inet extensive
- show security flow session family inet summary
显示安全流会话系列 inet
root> show security flow session family inet Flow Sessions on FPC10 PIC1: Total sessions: 0 Flow Sessions on FPC10 PIC2: Session ID: 420000107, Policy name: default-policy-00/2, Timeout: 4, Valid In: 203.0.113.0/3 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 420000202 Out: 203.0.113.4/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 420000202 Total sessions: 1 Flow Sessions on FPC10 PIC3: Session ID: 430000115, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 430000110 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 430000110 Session ID: 430000117, Policy name: default-policy-00/2, Timeout: 4, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 430000111 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 430000111 Total sessions: 2
show security flow session family inet brief
root> show security flow session family inet brief Flow Sessions on FPC10 PIC1: Total sessions: 0 Flow Sessions on FPC10 PIC2: Session ID: 420000115, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/3 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 420000206 Out: 203.0.113.4/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 420000206 Session ID: 420000117, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 420000207 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 420000207 Total sessions: 2 Flow Sessions on FPC10 PIC3: Session ID: 430000119, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 430000112 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 430000112 Total sessions: 1
show security flow session family inet extensive
root> show security flow session family inet extensive
Flow Sessions on FPC10 PIC1:
Session ID: 410000111, Status: Normal
Flags: 0x80400040/0x0/0x2800023
Policy name: default-policy-00/2
Source NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 4, Current timeout: 4
Session State: Valid
Start time: 76455, Duration: 0
In: 203.0.113.0/24 --> 203.0.113.1/24;icmp,
Interface: ge-7/1/0.0,
Session token: 0x6, Flag: 0xc0000021
Route: 0xa0010, Gateway: 203.0.113.10, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 410000242
Out: 203.0.113.1/24 --> 203.0.113.10/4;icmp,
Interface: .local..0,
Session token: 0x2, Flag: 0x40000030
Route: 0xfffb0006, Gateway: 203.0.113.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 410000242
Total sessions: 1
Flow Sessions on FPC10 PIC2:
Session ID: 420000123, Status: Normal
Flags: 0x80400040/0x0/0x2800023
Policy name: default-policy-00/2
Source NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 4, Current timeout: 2
Session State: Valid
Start time: 76454, Duration: 2
In: 203.0.113.10/24 --> 203.0.113.11/24;icmp,
Interface: ge-7/1/0.0,
Session token: 0x6, Flag: 0xc0000021
Route: 0xa0010, Gateway: 20010, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 420000210
Out: 203.0.113.11/24 --> 203.0.113.12/24;icmp,
Interface: .local..0,
Session token: 0x2, Flag: 0x40000030
Route: 0xfffb0006, Gateway: 203.0.113.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 420000210
Total sessions: 1
Flow Sessions on FPC10 PIC3:
Session ID: 430000131, Status: Normal
Flags: 0x80400040/0x0/0x2800023
Policy name: default-policy-00/2
Source NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 4, Current timeout: 4
Session State: Valid
Start time: 76421, Duration: 1
In: 203.0.113.10/24 --> 203.0.113.11/24;icmp,
Interface: ge-7/1/0.0,
Session token: 0x6, Flag: 0xc0000021
Route: 0xa0010, Gateway: 203.0.113.10, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 430000118
Out: 203.0.113.12/24 --> 203.0.113.13/24;icmp,
Interface: .local..0,
Session token: 0x2, Flag: 0x40000030
Route: 0xfffb0006, Gateway: 203.0.113.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 430000118
Total sessions: 1
show security flow session family inet summary
root> show security flow session family inet summary Flow Sessions on FPC10 PIC1: Valid sessions: 2 Pending sessions: 0 Invalidated sessions: 2 Sessions in other states: 0 Total sessions: 4 Flow Sessions on FPC10 PIC2: Valid sessions: 2 Pending sessions: 0 Invalidated sessions: 2 Sessions in other states: 0 Total sessions: 4 Flow Sessions on FPC10 PIC3: Valid sessions: 2 Pending sessions: 0 Invalidated sessions: 2 Sessions in other states: 0 Total sessions: 4
发布信息
在 10.2 Junos OS中引入的命令。