CHAPTER 109
Verifying Firewall Filter Configuration
Verifying That Firewall Filters Are Operational
Purpose
Action
Meaning
Related
Documentation
Copyright © 2010, Juniper Networks, Inc.
Verifying That Firewall Filters Are Operational on page 3311
Verifying That Policers Are Operational on page 3312
Monitoring Firewall Filter Traffic on page 3312
After you configure and apply firewall filters to ports, VLANs, or Layer 3 interfaces, you
can perform the following task to verify that the firewall filters configured on EX Series
switches are working properly.
Use the operational mode command to verify that the firewall filters on the switch are
working properly:
user@switch> show firewall
Filter: egress-vlan-watch-employee
Counters:
Name
counter-employee-web
Filter: ingress-port-voip-class-limit-tcp-icmp
Counters:
Name
icmp-counter
Policers:
Name
icmp-connection-policer
tcp-connection-policer
Filter: ingress-vlan-rogue-block
Filter: ingress-vlan-limit-guest
The
command displays the names of all firewall filters, policers, and counters
show firewall
that are configured on the switch. For each counter that is specified in a filter configuration,
the output field shows the byte count and packet count for the term in which the counter
is specified. For each policer that is specified in a filter configuration, the output field
shows the packet count for packets that exceed the specified rate limits.
Configuring Firewall Filters (CLI Procedure) on page 3289
Configuring Firewall Filters (J-Web Procedure) on page 3296
Configuring Policers to Control Traffic Rates (CLI Procedure) on page 3300
Bytes
Packets
0
Bytes
Packets
0
Packets
0
0
0
0
3311