show security flow session application

Syntax

show security flow session application application-name [brief | extensive | summary]

Release Information

Command introduced in Release 8.5 of Junos OS; Filter and view options added in Release 10.2 of Junos OS.

Description

Display information about each session of the specified application type.

Options

application-name—Type of application about which to display sessions information. Possible values are:

dns

Domain Name System

ftp

File Transfer Protocol

ignore

Ignore application type

mgcp-ca

Media Gateway Control Protocol with Call Agent

mgcp-ua

MGCP with User Agent

pptp

Point-to-Point Tunneling Protocol

q931

ISDN connection control protocol

ras

RAS

realaudio

RealAudio

rsh

UNIX remote shell services

rtsp

Real-Time Streaming Protocol

sccp

Skinny Client Control Protocol

sip

Session Initiation Protocol

sqlnet-v2

Oracle SQLNET

talk

TALK program

tftp

Trivial File Transfer Protocol

brief | extensive | summary

Display the specified level of output.

Required Privilege Level

view

Related Topics

clear security flow session application

List of Sample Output

show security flow session application telnet
show security flow session application telnet brief
show security flow session application telnet extensive
show security flow session application telnet summary Flow Sessions on FPC4 PIC1:

Output Fields

Table 76 lists the output fields for the show security flow session application command. Output fields are listed in the approximate order in which they appear.

Table 76: show security flow session application Output Fields

Field Name

Field Description

Session ID

Number that identifies the session. You can use this ID to get additional information about the session.

Policy name

Policy that permitted the traffic.

Timeout

Idle timeout after which the session expires.

In

Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes).

Out

Reverse flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes).

Total sessions

Total number of sessions.

Status

Session status.

Flag

Internal flag depicting the state of the session, used for debugging purposes.

Policy name

Name and ID of the policy that the first packet of the session matched.

Source NAT pool

The name of the source pool where NAT is used.

Application

Name of the application.

Maximum timeout

Maximum session timeout.

Current timeout

Remaining time for the session unless traffic exists in the session.

Session State

Session state.

Start time

Time when the session was created, offset from the system start time.

Unicast-sessions

Number of unicast sessions.

Multicast-sessions

Number of multicast sessions.

Failed-sessions

Number of failed sessions.

Sessions-in-use

Number of sessions in use.

  • Valid sessions
  • Pending sessions
  • Invalidated sessions
  • Sessions in other states

Maximum-sessions

Number of maximum sessions.

Sample Output

show security flow session application telnet

root> show security flow session application telnet
Flow Sessions on FPC4 PIC1:
Total sessions: 0

Flow Sessions on FPC5 PIC0:
Total sessions: 0

Flow Sessions on FPC5 PIC1:

Session ID: 210067547, Policy name: default-policy/2, Timeout: 1796, Valid
  In: 40.0.0.100/32781 --> 30.0.0.100/23;tcp, If: ge-0/0/2.0, Pkts: 10, Bytes: 610
  Out: 30.0.0.100/23 --> 40.0.0.100/32781;tcp, If: ge-0/0/1.0, Pkts: 9, Bytes: 602
Total sessions: 1

show security flow session application telnet brief

root> show security flow session application telnet brief
Flow Sessions on FPC4 PIC1:
Total sessions: 0

Flow Sessions on FPC5 PIC0:
Total sessions: 0

Flow Sessions on FPC5 PIC1:

Session ID: 210067547, Policy name: default-policy/2, Timeout: 1796, Valid
  In: 40.0.0.100/32781 --> 30.0.0.100/23;tcp, If: ge-0/0/2.0, Pkts: 10, Bytes: 610
  Out: 30.0.0.100/23 --> 40.0.0.100/32781;tcp, If: ge-0/0/1.0, Pkts: 9, Bytes: 602
Total sessions: 1

show security flow session application telnet extensive

root> show security flow session application telnet extensive
Flow Sessions on FPC4 PIC1:
Total sessions: 0

Flow Sessions on FPC5 PIC0:
Total sessions: 0

Flow Sessions on FPC5 PIC1:

Session ID: 210067547, Status: Normal
Flag: 0x40
Policy name: default-policy/2
Source NAT pool: Null, Application: junos-telnet/10
Maximum timeout: 1800, Current timeout: 1788
Session State: Valid
Start time: 670184, Duration: 33
   In: 40.0.0.100/32781 --> 30.0.0.100/23;tcp, 
    Interface: ge-0/0/2.0, 
    Session token: 0x180, Flag: 0x0x21
    Route: 0x60010, Gateway: 40.0.0.100, Tunnel: 0
    Port sequence: 0, FIN sequence: 0, 
    FIN state: 0, 
    Pkts: 10, Bytes: 610
   Out: 30.0.0.100/23 --> 40.0.0.100/32781;tcp, 
    Interface: ge-0/0/1.0,              
    Session token: 0x1c0, Flag: 0x0x20
    Route: 0x70010, Gateway: 30.0.0.100, Tunnel: 0
    Port sequence: 0, FIN sequence: 0, 
    FIN state: 0, 
    Pkts: 9, Bytes: 602
Total sessions: 1

show security flow session application telnet summary Flow Sessions on FPC4 PIC1:

root> show security flow session application telnet summary
Flow Sessions on FPC4 PIC1:

Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0

Flow Sessions on FPC5 PIC0:

Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0

Flow Sessions on FPC5 PIC1:

Valid sessions: 1
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 1
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.