Table 12: Show Firewall Output Fields - Juniper EX9200 Features Manual
Port mirroring feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (342 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Port Mirroring Feature Guide for EX9200 Switches
Table 12: show firewall Output Fields
Field Name
Filter
Counters
Policers
Policer Counter Index
Green
Yellow
418
Field Description
Name of a filter that has been configured with the
level.
Except on EX Series switches:
When an interface-specific filter is displayed, the name of the filter is followed by the full
interface name and by either
When dynamic filters are displayed, the name of the filter is followed by the full interface name
and by either
for an input filter or
-in
filter is displayed, the name of the filter is prefixed with two underscore (__) characters and the
name of the logical system (for example,
When a service filter is displayed that uses a service set, the separator between the service-set
name and the service-filter name is a semicolon (:).
NOTE:
For
bridge family filter
for IPv6. This is applicable for line cards that support the Junos Trio chipset, such as the MX 3D
MPC line cards.
Display filter counter information:
—Name of a filter counter that has been configured with the
Name
—Number of bytes that match the filter term under which the
Bytes
—Number of packets that matched the filter term under which the
Packets
specified.
NOTE:
On M and T Series routers, firewall filters cannot count
type and per interface basis. A limited work around is to use the
command to see
ip-options
statistics on a per Packet Forwarding Engine (PFE) basis. See show
pfe statistics ip for sample output.
Display policer information:
Name
—Name of policer.
Bytes
—(For two-color policers on MX Series routers and EX Series switches, and for hierarchical
policers on interfaces hosted on MICs and MPCs in MX Series routers) Number of bytes that
match the filter term under which the policer action is specified. This is only the number
out-of-specification (out-of-spec) byte counts, not all the bytes in all packets policed by the
policer.
For other combinations of policer type, device, and line card type, this field is blank.
—Number of packets that matched the filter term under which the policer action is
Packets
specified. This is only the number of out-of-specification (out-of-spec) packet counts, not all
packets policed by the policer.
(EX8200 switch only) Global management counter ID. The counter ID value (counter-index) can
be 0, 1, or 2.
(EX8200 switch only) Number of packets within the limits. The number of packets is smaller than
the committed information rate (CIR).
(EX8200 switch only) Number of packets partially within the limits. The number of packets is
greater than the CIR, but the burst size is within the excess burst size (EBS) limit.
statement at the
filter
for an input filter or
for an output filter.
-i
-o
for an output filter. When a logical system–specific
-out
).
__ls1/filter1
, the
match criteria is supported only for IPv4 and not
ip-protocol
Copyright © 2016, Juniper Networks, Inc.
hierarchy
[edit firewall]
firewall filter action.
counter
action is specified.
counter
action is
counter
packets on a per option
ip-options
show pfe statistics ip options
Advertisement
Table of Contents
