Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Monitoring Firewall Filter Traffic

You can use operational mode commands to monitor firewall filter traffic.

Monitoring Traffic for All Firewall Filters and Policers That Are Configured

Purpose

Monitor the number of packets and bytes that matched the firewall filters and monitor the number of packets that exceeded policer rate limits:

Action

Use the show firewall operational mode command:

Meaning

The show firewall command displays the names of all firewall filters, counters, and policers that are configured. For each counter that is specified in a filter configuration, the output field shows the byte count and packet count for the term in which the counter is specified. For each policer that is specified in a filter configuration, the output field shows the packet count for packets that exceed the specified rate limits.

Monitoring Traffic for a Specific Firewall Filter

Purpose

Monitor the number of packets and bytes that matched a firewall filter and monitor the number of packets that exceeded policer rate limits.

Action

Use the show firewall filter filter-name operational mode command:

Meaning

The show firewall filter filter-name command limits the display information to the counters and policers that are defined for the specified filter.

Monitoring Traffic for a Specific Policer

Purpose

Monitor the number of packets that exceeded the rate limits of a policer:

Action

Use the show firewall policer policer-name operational mode command:

Meaning

The show firewall policer policer-name command displays the number of packets that exceeded the rate limits for the specified policer.