show security flow session resource-manager

Syntax

show security flow session resource-manager [brief | extensive | summary]

Release Information

Command introduced in Release 8.5 of Junos OS; Filter and view options introduced in Release 10.2 of Junos OS.

Description

Display information about sessions created by the resource manager.

Options

none—Display all resource manager sessions.

brief | extensive | summary

Display the specified level of output.

Required Privilege Level

view

Related Topics

clear security flow session resource-manager

List of Sample Output

show security flow session resource-manager
show security flow session resource-manager brief
show security flow session resource-manager extensive
show security flow session resource-manager summary

Output Fields

Table 86 lists the output fields for the show security flow session resource-manager command. Output fields are listed in the approximate order in which they appear.

Table 86: show security flow session resource-manager Output Fields

Field Name

Field Description

Session ID

Number that identifies the session. You can use this ID to get additional information about the session.

Policy name

Policy that permitted the traffic.

Timeout

Idle timeout after which the session expires.

Resource information

Information about the session particular to the resource manager, including the name of the ALG, the group ID. and the resource ID.

In

Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes).

Out

Reverse flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes).

Total sessions

Total number of sessions.

Status

Session status.

Flag

Internal flag depicting the state of the session, used for debugging purposes.

Policy name

Name and ID of the policy that the first packet of the session matched.

Source NAT pool

The name of the source pool where NAT is used.

Application

Name of the application.

Maximum timeout

Maximum session timeout.

Current timeout

Remaining time for the session unless traffic exists in the session.

Session State

Session state.

Start time

Time when the session was created, offset from the system start time.

Valid sessions

Number of valid sessions.

Pending sessions

Number of pending sessions.

Invalidated sessions

Number of invalidated sessions.

Sessions in other states

Number of sessions in other states.

Sample Output

show security flow session resource-manager

root> show security flow session resource-manager
Flow Sessions on FPC4 PIC1:

Session ID: 170068496, Policy name: default-policy/2, Timeout: 1798, Valid
Resource information : FTP ALG, 24576, 0
  In: 40.0.0.111/32797 --> 30.0.0.100/21;tcp, If: ge-0/0/2.0, Pkts: 82, Bytes: 3964
  Out: 30.0.0.100/21 --> 40.0.0.111/32797;tcp, If: ge-0/0/1.0, Pkts: 72, Bytes: 4998

Session ID: 170068501, Policy name: default-policy/2, Timeout: 150, Valid
Resource information : FTP ALG, 24576, 86016
  In: 30.0.0.100/20 --> 40.0.0.111/32802;tcp, If: ge-0/0/1.0, Pkts: 53637, Bytes: 79808988
  Out: 40.0.0.111/32802 --> 30.0.0.100/20;tcp, If: ge-0/0/2.0, Pkts: 20856, Bytes: 1084520
Total sessions: 2

Flow Sessions on FPC5 PIC0:
Total sessions: 0

Flow Sessions on FPC5 PIC1:
Total sessions: 0

show security flow session resource-manager brief

root> show security flow session resource-manager brief
Flow Sessions on FPC4 PIC1:

Session ID: 170068496, Policy name: default-policy/2, Timeout: 1798, Valid
Resource information : FTP ALG, 24576, 0
  In: 40.0.0.111/32797 --> 30.0.0.100/21;tcp, If: ge-0/0/2.0, Pkts: 82, Bytes: 3964
  Out: 30.0.0.100/21 --> 40.0.0.111/32797;tcp, If: ge-0/0/1.0, Pkts: 72, Bytes: 4998

Session ID: 170068501, Policy name: default-policy/2, Timeout: 150, Valid
Resource information : FTP ALG, 24576, 86016
  In: 30.0.0.100/20 --> 40.0.0.111/32802;tcp, If: ge-0/0/1.0, Pkts: 53637, Bytes: 79808988
  Out: 40.0.0.111/32802 --> 30.0.0.100/20;tcp, If: ge-0/0/2.0, Pkts: 20856, Bytes: 1084520
Total sessions: 2

Flow Sessions on FPC5 PIC0:
Total sessions: 0

Flow Sessions on FPC5 PIC1:
Total sessions: 0

show security flow session resource-manager extensive

root> show security flow session resource-manager extensive
Flow Sessions on FPC4 PIC1:

Session ID: 170068496, Status: Normal
Flag: 0x42
Policy name: default-policy/2
Source NAT pool: Null, Application: junos-ftp/1
Maximum timeout: 1800, Current timeout: 1800
Session State: Valid
Start time: 672899, Duration: 110
Client: FTP ALG, Group: 24576, Resource: 0
   In: 40.0.0.111/32797 --> 30.0.0.100/21;tcp, 
    Interface: ge-0/0/2.0, 
    Session token: 0x180, Flag: 0x0x2621
    Route: 0x90010, Gateway: 40.0.0.111, Tunnel: 0
    Port sequence: 0, FIN sequence: 0, 
    FIN state: 0, 
    Pkts: 84, Bytes: 4044
   Out: 30.0.0.100/21 --> 40.0.0.111/32797;tcp, 
    Interface: ge-0/0/1.0, 
    Session token: 0x1c0, Flag: 0x0x2620
    Route: 0x70010, Gateway: 30.0.0.100, Tunnel: 0
    Port sequence: 0, FIN sequence: 0, 
    FIN state: 0, 
    Pkts: 74, Bytes: 5116               

Session ID: 170068501, Status: Normal
Flag: 0x80001040
Policy name: default-policy/2
Source NAT pool: Null
Maximum timeout: 2, Current timeout: 2
Session State: Valid
Start time: 673004, Duration: 5
Client: FTP ALG, Group: 24576, Resource: 86016
   In: 30.0.0.100/20 --> 40.0.0.111/32802;tcp, 
    Interface: ge-0/0/1.0, 
    Session token: 0x1c0, Flag: 0x0x21
    Route: 0x70010, Gateway: 30.0.0.100, Tunnel: 0
    Port sequence: 0, FIN sequence: 0, 
    FIN state: 2, 
    Pkts: 177002, Bytes: 263785189
   Out: 40.0.0.111/32802 --> 30.0.0.100/20;tcp, 
    Interface: ge-0/0/2.0, 
    Session token: 0x180, Flag: 0x0x20
    Route: 0x90010, Gateway: 40.0.0.111, Tunnel: 0
    Port sequence: 0, FIN sequence: 0, 
    FIN state: 2, 
    Pkts: 66402, Bytes: 3452912         
Total sessions: 2

Flow Sessions on FPC5 PIC0:
Total sessions: 0

Flow Sessions on FPC5 PIC1:
Total sessions: 0

show security flow session resource-manager summary

root> show security flow session resource-manager summary
Flow Sessions on FPC4 PIC1:

Valid sessions: 2
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 2

Flow Sessions on FPC5 PIC0:

Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0

Flow Sessions on FPC5 PIC1:

Valid sessions: 0
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 0
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.