Monitoring Stateful Firewall Filters

To view stateful firewall filter information in the J-Web interface, select Monitor > Firewall > Stateful Firewall. To display stateful firewall filter information for a particular address prefix, port, or other characteristic, type or select information in one or more of the Narrow Search boxes, and click OK.

After you make changes to the configuration in this window, you must commit the changes immediately for them to take effect. To commit all changes to the active configuration, select Commit Options > Commit. See Using the Commit Options to Commit Configuration Changes (J-Web Procedure) for details about all commit options.

Alternatively, enter the following CLI show commands:

Table 43 summarizes key output fields for stateful firewall filters.

Table 43: Summary of Key Stateful Firewall Filters Output Fields

Field

Values

Protocol

Protocol used for the specified stateful firewall flow.

Source IP

Source prefix of the stateful firewall flow.

Source Port

Source port number of stateful firewall flow.

Destination IP

Destination prefix of the stateful firewall flow.

Destination Port

Destination port number of the stateful firewall flow.

Flow State

Status of the stateful firewall flow:

  • Accept—Number of packets accepted. Drop—Drop all packets in the flow without response.
  • Forward—Forward the packet in the flow without inspecting it.
  • Rejects—Number of packets rejected. Reject—Drop all packets in the flow with response.
  • Watch—Inspect packets in the flow.

Direction

Direction of the flow: I (input) or O (output).

Frames

Number of frames in the flow.