Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

show security flow gate

Syntax

Description

This command displays information about temporary openings known as pinholes or gates in the security firewall.

Pinholes are used by applications that commonly have both control and data sessions and must create openings in the firewall for the data sessions based on information from the parent sessions.

Options

  • destination-port—Destination port

  • destination-prefix—Destination IP prefix or address

  • protocol—IP protocol number

  • source-port—Source port

  • source-prefix—Source IP prefix or address

  • brief | summary—Display the specified level of output.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security flow gate command. Output fields are listed in the approximate order in which they appear.

Table 1: show security flow gate Output Fields

Field Name

Field Description

Hole

Range of flows permitted by the pinhole.

Translated

Tuples used to create the session if it matches the pinhole.

  • Source address and port

  • Destination address and port

Protocol

Application protocol, such as UDP or TCP.

Application

Name of the application.

Age

Idle timeout for the pinhole.

Flags

Internal debug flags for the pinhole.

Zone

Incoming zone.

Reference count

Number of resource manager references to the pinhole.

Resource

Resource manager information about the pinhole.

Valid gates

Number of valid gates.

Pending gates

Number of pending gates.

Invalidated gates

Number of invalid gates.

Gates in other states

Number of gates in other states.

Total gates

Number of gates in total.

Maximum gates

Number of maximum gates

Sample Output

show security flow gate

show security flow gate brief

show security flow gate summary

Release Information

Command introduced in Junos OS Release 8.5.

Filter and display options added in Junos OS Release 10.2.