show security flow gate destination-port

Syntax

show security flow gate destination-port destination-port-number [brief | summary]

Release Information

Command introduced in Release 10.2 of Junos OS.

Description

Display information about temporary openings known as pinholes or gates in the security firewall that for the specified destination port.

Note: Destination port filter matches the gate only if the given port falls within the range of ports specified in the gate.

Options

destination-port-number

Number of the destination port for which to display gate information.

Range: 1 through 65,535

brief | summary

Display the specified level of output.

Required Privilege Level

view

Related Topics

show security flow gate

show security flow gate destination-prefix

List of Sample Output

show security flow gate destination-port brief
show security flow gate destination-port summary

Output Fields

Table 69 lists the output fields for the show security flow gate destination-port command. Output fields are listed in the approximate order in which they appear.

Table 69: show security flow gate destination-port Output Fields

Field Name

Field Description

Hole

Range of flows permitted by the pinhole.

Translated

Tuples used to create the session if it matches the pinhole.

  • Source address and port
  • Destination address and port

Protocol

Application protocol, such as UDP or TCP.

Application

Name of the application.

Age

Idle timeout for the pinhole.

Flags

Internal debug flags for the pinhole.

Zone

Incoming zone.

Reference count

Number of resource manager references to the pinhole.

Resource

Resource manager information about the pinhole.

Valid gates

Number of valid gates.

Pending gates

Number of pending gates.

Invalidated gates

Number of invalid gates.

Gates in other states

Number of gates in other states.

Total gates

Number of gates in total.

Maximum gates

Number of maximum gates.

Sample Output

show security flow gate destination-port brief

root> show security flow gate destination-port 33253 brief
Flow Gates on FPC4 PIC1:

Hole: 40.0.0.111-40.0.0.111/0-0->30.0.0.100-30.0.0.100/33253-33253
  Translated: 40.0.0.111/0->30.0.0.100/33253
  Protocol: tcp
  Application: FTP ALG/79
  Age: 65526 seconds
  Flags: 0x0080
  Zone: trust
  Reference count: 1
  Resource: 1-24576-86016

Valid gates: 1
Pending gates: 0
Invalidated gates: 0
Gates in other states: 0
Total gates: 1

Flow Gates on FPC5 PIC0:

Valid gates: 0
Pending gates: 0
Invalidated gates: 0
Gates in other states: 0                
Total gates: 0

Flow Gates on FPC5 PIC1:

Valid gates: 0
Pending gates: 0
Invalidated gates: 0
Gates in other states: 0
Total gates: 0

show security flow gate destination-port summary

root> show security flow gate destination-port 33253 summary
Flow Gates on FPC4 PIC1:

Valid gates: 1
Pending gates: 0
Invalidated gates: 0
Gates in other states: 0
Total gates: 1
Maximum gates: 131072

Flow Gates on FPC5 PIC0:

Valid gates: 0
Pending gates: 0
Invalidated gates: 0
Gates in other states: 0
Total gates: 0
Maximum gates: 131072

Flow Gates on FPC5 PIC1:

Valid gates: 0
Pending gates: 0
Invalidated gates: 0
Gates in other states: 0                
Total gates: 0
Maximum gates: 131072
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.