show services web-filter secintel-policy status
Syntax
show services web-filter secintel-policy status profile profile-name template template-name
Description
Display the IPv4 and IPv6 count per threat level received from the C&C feed from Policy Enforcer. It also displays the count of the number of terms used in the implicit filter per threat level.
Options
profile-name | Name of the profile |
template-name | Name of the template |
Required Privilege Level
view
Sample Output
- show services web-filter secintel-policy status
- show services web-filter secintel-policy status profile
- show services web-filter secintel-policy status
show services web-filter secintel-policy status
user@host> show services web-filter secintel-policy status profile URL Filtering SecIntel Policy Status: Profile : Profile1 C&C DB File : /var/db/url-filterd/urlf_si_cc_db.txt Policy State: Ready DB File Change Time : Tue Nov 27 11:01:10 2018 DB File Load Time : Tue Nov 27 11:01:38 2018 C&C Prefix Count : IPv4: 11093 IPv6: 5 Filters: Threat level Action v4 Term Count IPv4 v6 Term Count IPv6 1 ACCEPT 23 1129 1 2 2 ACCEPT 11 1444 0 0 3 ACCEPT 6 996 0 0 4 ACCEPT 7 564 0 0 5 ACCEPT 7 451 0 0 6 ACCEPT 4 126 0 0 7 LOG 5 175 0 0 8 DROP AND LOG 4 396 1 1 9 ACCEPT 2 164 0 0 10 ACCEPT 33 5601 1 2
user@host> show services web-filter secintel-policy-status profile Profile1 url-filter-template template200 Template : template200 C&C DB File : /var/db/url-filterd/urlf_si_ip_white_list_db.txt Policy State: NA DB File Change Time : NA DB File Load Time : NA C&C Prefix Count : IPv4: 0 IPv6: 0 C&C DB File : /var/db/url-filterd/urlf_si_ip_black_list_db.txt Policy State: NA DB File Change Time : NA DB File Load Time : NA C&C Prefix Count : IPv4: 0 IPv6: 0 C&C DB File : /var/db/url-filterd/urlf_si_ip_custom_db.txt Policy State: Ready DB File Change Time : Tue Feb 04 15:22:20 2020 DB File Load Time : Tue Feb 04 15:24:29 2020 C&C Prefix Count : IPv4: 16 IPv6: 0 Filters: Threat level Action v4 Term Count IPv4 v6 Term Count IPv6 0 ACCEPT AND SAMPLE 0 0 0 0 255 DROP AND SAMPLE 0 0 0 0 1 DROP AND SAMPLE 1 11 0 0 2 ACCEPT 0 0 0 0 3 DROP AND SAMPLE 1 1 0 0 4 DROP AND SAMPLE 1 1 0 0 5 ACCEPT 0 0 0 0 6 ACCEPT 1 1 0 0 7 ACCEPT 1 1 0 0 8 DROP AND SAMPLE 0 0 0 0 9 ACCEPT 1 1 0 0 10 DROP AND SAMPLE 0 0 0 0
show services web-filter secintel-policy status profile
To display GeoIP feed, allowlist and blocklist.
user@host> show services web-filter secintel-policy status profile Profile1 URL Filtering SecIntel Policy Status: Profile : Profile1 C&C DB File : /var/db/url-filterd/urlf_si_ip_global_db.txt Policy State: Ready DB File Change Time : Mon Nov 29 15:24:53 2021 DB File Load Time : Mon Nov 29 15:25:09 2021 C&C Prefix Count : IPv4: 151768 IPv6: 1 Filters: Threat level Action v4 Term Count IPv4 v6 Term Count IPv6 1 ACCEPT 2 518 1 1 2 ACCEPT 35 8645 0 0 3 ACCEPT 30 7038 0 0 4 ACCEPT 41 10985 0 0 5 ACCEPT 2 361 0 0 6 ACCEPT 390 116291 0 0 7 ACCEPT 7 1663 0 0 8 LOG AND SAMPLE 11 1852 0 0 9 ACCEPT 9 520 0 0 10 ACCEPT 15 3895 0 0 Global WL DB File : /var/db/url-filterd/urlf_si_ip_white_list_db.txt DB File Change Time : Wed Nov 24 16:52:28 2021 DB File Load Time : Mon Nov 29 15:25:09 2021 Global WL Prefix Count : IPv4: 24 IPv6: 0 Global BL DB File : urlf_si_ip_global_bl_list_db.txt DB File Change Time : Wed Nov 24 16:52:28 2021 Global BL Prefix Count : IPv4: 1 IPv6: 0 Template : template1 C&C DB File : /var/db/url-filterd/urlf_si_ip_white_list_db.txt Policy State: NA DB File Change Time : NA DB File Load Time : NA C&C Prefix Count : IPv4: 0 IPv6: 0 C&C DB File : /var/db/url-filterd/urlf_si_ip_black_list_db.txt Policy State: NA DB File Change Time : NA DB File Load Time : NA C&C Prefix Count : IPv4: 0 IPv6: 0 C&C DB File : /var/db/url-filterd/urlf_si_ip_custom_db.txt Policy State: NA DB File Change Time : NA DB File Load Time : NA C&C Prefix Count : IPv4: 0 IPv6: 0 Filters: Threat level Action v4 Term Count IPv4 v6 Term Count IPv6 0 ACCEPT AND SAMPLE 0 0 0 0 255 DROP AND SAMPLE 0 0 0 0 1 ACCEPT 0 0 0 0 2 ACCEPT 0 0 0 0 3 ACCEPT 0 0 0 0 4 ACCEPT 0 0 0 0 5 ACCEPT 0 0 0 0 6 ACCEPT 0 0 0 0 7 ACCEPT 0 0 0 0 8 ACCEPT 0 0 0 0 9 ACCEPT 0 0 0 0 10 ACCEPT 0 0 0 0 GeoIP : GeoIP DB File : /var/db/url-filterd/urlf_si_ip_geo_db.txt Policy State: Ready DB File Change Time : Sat Nov 27 18:07:00 2021 DB File Load Time : Sat Nov 27 18:09:01 2021 GeoIP Prefix Count : IPv4: 382607 IPv6: 247093 Filters: Country Action v4 Term Count IPv4 v6 Term Count IPv6 AU DROP 1 300 1 300
show services web-filter secintel-policy status
To verify if an IP address is part of the GeoIP feed.
user@host> show services web-filter secintel-policy-db ip-prefix-information 192.168.1.1/24 profile Profile1 URL Filtering SecIntel Policy DB IP Prefix Info: Profile : Profile1 Downloaded Feed Category : GeoIP Applied Feed Category : GeoIP Threat Level : 255 Threat Level Action : DROP Add Time : Sat Nov 27 18:06:29 2021 Filter Name : v4-si-prof-Profile1-gbl-geo-filter Filter Index : 201326592 Filter Term Name : FILTER_TL_255_COUNTRY_AU_ID_71 Pending Delete : FALSE
Release Information
Statement introduced before Junos OS Release 18.4.
Support added in Junos OS Release 19.3R2 for Next Gen Services on MX Series routers MX240, MX480, and MX960 with the MX-SPC3 services card.