Table 16: show security policies Output Fields (continued)
Field DescriptionField Name
Name of a preconfigured scheduler whose schedule determines when the policy is active
and can be used as a possible match for traffic.
Scheduler name
• Input bytes—The total number of bytes presented for processing by the device.
• Initial direction—The number of bytes presented for processing by the device from
the initial direction.
• Reply direction—The number of bytes presented for processing by the device from
the reply direction.
• Output bytes—The total number of bytes actually processed by the device.
• Initial direction—The number of bytes from the initial direction actually processed
by the device.
• Reply direction—The number of bytes from the reply direction actually processed
by the device.
• Input packets—The total number of packets presented for processing by the device.
• Initial direction—The number of packets presented for processing by the device from
the initial direction.
• Replydirection—The number of packets presented for processing by the device from
the reply direction.
• Output packets—The total number of packets actually processed by the device.
• Initial direction—The number of packets actually processed by the device from the
initial direction.
• Reply direction—The number of packets actually processed by the device from the
reply direction.
• Session rate—The total number of active and deleted sessions.
• Active sessions—The number of sessions currently present because of access control
lookups that used this policy.
• Session deletions—The number of sessions deleted since system startup.
• Policy lookups—The number of times the policy was accessed to check for a match.
NOTE: Configure the Policy P1 with the count option to display policy statistics.
Policy statistics
Configured sync and sequence checks, and the configured TCP MSS value for the initial
direction and /or the reverse direction.
Per policy TCP Options
Sample Output
show security policies
user@host> show security policies
From zone: trust, To zone: untrust
Policy: p1, State: enabled, Index: 4, Sequence number: 1
Source addresses:
sa-1-ipv4: 2.2.2.0/24
sa-2-ipv6: 2001:0db8::/32
sa-3-ipv6: 2001:0db6/24
sa-4-wc: 192.168.0.11/255.255.0.255
Destination addresses:
da-1-ipv4: 2.2.2.0/24
da-2-ipv6: 2400:0af8::/32
123Copyright © 2016, Juniper Networks, Inc.
Chapter 12: Operational Commands
To Next Page
Loading...
Need help?
General
