Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

clear security flow session IDP

Syntax

Description

Clear all active Intrusion Detection and Prevention (IDP) sessions or an IDP session based on the specified session parameter.

IDP allows you to enforce various attack detection and prevention techniques on network traffic passing through the SRX Series Firewall. The SRX Series offers the same set of IDP signatures that are available on Juniper Networks IDP Series Intrusion Detection and Prevention Appliances to secure networks against attacks.

Options

application

Name of the application or application set.

  • dns—Domain Name System

  • ftp—File Transfer Protocol

  • ignore—Ignore application type

  • mgcp-ca—Media Gateway Control Protocol with Call Agent

  • mgcp-ua—MGCP with User Agent

  • ms-rpc—Microsoft RPC

  • pptp—Point-to-Point Tunneling Protocol

  • q931—ISDN connection control protocol

  • ras—RAS

  • realaudio—RealAudio

  • rsh—UNIX remote shell services

  • rtsp—Real-Time Streaming Protocol

  • sccp—Skinny Client Control Protocol

  • sip—Session Initiation Protocol

  • sqlnet-v2—Oracle SQLNET

  • sun-rpc—Sun Microsystems RPC

  • talk—TALK program

  • tftp—Trivial File Transfer Protocol

To display the supported applications list on an SRX Series Firewall, enter the following command from configuration mode:

conn-tag

A 32-bit connection tag that uniquely identifies the GPRS tunneling protocol, user plane (GTP-U), and the Stream Control Transmission Protocol (STCP) sessions.

The connection tag for GTP-U is the tunnel endpoint identifier (TEID). For SCTP, it is the vTag. The connection ID remains 0 if the connection tag is not used by the sessions.

  • Range: 0 through 4294967295

destination-port

Destination port.

  • Range: 1 through 65535.

destination-prefix

Destination IP prefix or IP address.

family

Protocol family:

  • inet—Clear IPv4 sessions.

  • inet6–Clear IPv6 sessions.

interface

Name of incoming or outgoing interface.

protocol

IP protocol number.

source-port

Source port.

  • Range: 1 through 65535.

source-prefix

Source IP prefix or address.

Required Privilege Level

clear

Output Fields

When you enter this command, you are provided feedback on the status of your request.

The same output is displayed when you enter an option for this command.

Sample Output

command-name

Release Information

Command introduced in Junos OS Release 10.2.