Chapter 103 Verifying Firewall Filter Configuration; Verifying That Firewall Filters Are Operational - Juniper JUNOS OS 10.3 - SOFTWARE Manual

CHAPTER 103
Verifying Firewall Filter Configuration

Verifying That Firewall Filters Are Operational

Purpose
Action
Meaning
Related
Documentation
Copyright © 2010, Juniper Networks, Inc.
Verifying That Firewall Filters Are Operational on page 3083
Verifying That Policers Are Operational on page 3084
Monitoring Firewall Filter Traffic on page 3084
After you configure and apply firewall filters to ports, VLANs, or Layer 3 interfaces, you
can perform the following task to verify that the firewall filters configured on EX Series
switches are working properly.
Use the operational mode command to verify that the firewall filters on the switch are
working properly:
user@switch> show firewall
Filter: egress-vlan-watch-employee
Counters:
Name
counter-employee-web
Filter: ingress-port-voip-class-limit-tcp-icmp
Counters:
Name
icmp-counter
Policers:
Name
icmp-connection-policer
tcp-connection-policer
Filter: ingress-vlan-rogue-block
Filter: ingress-vlan-limit-guest
The command displays the names of all firewall filters, policers, and
show firewall
counters that are configured on the switch. For each counter that is specified in a filter
configuration, the output field shows the byte count and packet count for the term in
which the counter is specified. For each policer that is specified in a filter configuration,
the output field shows the packet count for packets that exceed the specified rate limits.
Configuring Firewall Filters (CLI Procedure) on page 3063
Configuring Firewall Filters (J-Web Procedure) on page 3069
Configuring Policers to Control Traffic Rates (CLI Procedure) on page 3073
Bytes Packets
0
Bytes Packets
0
Packets
0
0
0
0
3083