Displaying Firewall Filter Logs - Juniper J2300 User Manual

user@untrusted-nw-trusted-host> ping trusted-nw-trusted-host
PING trusted-nw-trusted-host-fe-000.acme.net (112.148.2.3): 56 data bytes
64 bytes from 10.148.2.3: icmp_seq=0 ttl=253 time=18.248 ms
64 bytes from 10.148.2.3: icmp_seq=1 ttl=253 time=10.906 ms
64 bytes from 10.148.2.3: icmp_seq=2 ttl=253 time=12.845 ms
...
Verify the following information:
What It Means
For information about using the J-Web interface to ping a host, see "Using the
J-Web Ping Host Tool" on page 218.
For more information about the
on page 226 or the JUNOS Protocols, Class of Service, and System Basics Command
Reference.

Displaying Firewall Filter Logs

Verify that packets are being logged. If you included the
Purpose
term, verify that packets matching the term are recorded in the firewall log or
your system logging facility.
From operational mode in the CLI, enter the
Action
The log of discarded packets generated from the firewall filter configured in
"Configuring a Routing Engine Firewall Filter for Services and Protocols from
Trusted Sources" on page 400 is displayed in the following sample output.
Sample Output
user@host> show firewall log
Log :
Time
15:11:02
15:11:01
15:11:01
15:11:01
...
A ping request from host
host
untrusted-nw-untrusted-host
A ping request from host
host . Verify that the ping response displays an IP address
trusted-nw-trusted-host
from the configured NAT pool of
Filter Action Interface
pfe D fe-0/0/0.0
pfe D fe-0/0/0.0
pfe D fe-0/0/0.0
pfe D fe-0/0/0.0
Configuring Firewall Filters and NAT
returns a ping response from
trusted-nw-trusted-host
.
returns a ping response from
untrusted-nw-trusted-host
through
10.148.2.1
command, see "Using the ping Command"
ping
show firewall log
Protocol Src Addr
TCP 172.17.28.19
TCP 172.17.28.19
TCP 172.17.28.19
TCP 172.17.28.19
Verifying Firewall Filter Configuration
.
10.148.2.32
or action in a
log syslog
command.
Dest Addr
192.168.70.71
192.168.70.71
192.168.70.71
192.168.70.71
421