Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 479
Brocade Mobility RFS Controller CLI Reference Guide
465
53-1003098-01
6
show firewall flows {management {on <DEVICE-NAME>}|stats {on <DEVICE-NAME>}|
wireless-client <MAC>|on <DEVICE-NAME>}
Example
rfs7000-37FABE(config)#show firewall dhcp snoop-table on rfs7000-37FABE
Snoop Binding <157.235.208.252, 00-15-70-37-FA-BE, Vlan 4>
Type Controller-SVI, Touched 32 seconds ago
--------------------------------------------------------------------------
Snoop Binding <172.16.10.2, 00-15-70-37-FA-BE, Vlan 1>
Type Controller-SVI, Touched 1 seconds ago
--------------------------------------------------------------------------
rfs7000-37FABE(config)#
rfs7000-37FABE(config)#show firewall flows management on rfs7000-37FABE
========== Flow# 1 Summary ==========
Forward:
Vlan 1, TCP 172.16.10.10 port 3995 > 172.16.10.1 port 22
00-02-B3-28-D1-55 > 00-15-70-37-FA-BE, ingress port ge1
Egress port: <local>, Egress interface: vlan1, Next hop: <local>
(00-15-70-37-FA-BE)
573 packets, 49202 bytes, last packet 0 seconds ago
Reverse:
Vlan 1, TCP 172.16.10.1 port 22 > 172.16.10.10 port 3995
00-15-70-37-FA-BE > 00-02-B3-28-D1-55, ingress port local
Egress port: ge1, Egress interface: vlan1, Next hop: 172.16.10.10
(00-02-B3-28-D1-55)
552 packets, 63541 bytes, last packet 0 seconds ago
TCP state: Established
Flow times out in 1 hour 30 minutes
min-idle
<1-4294967295>
Optional. Filters firewall flows idle for at least the specified duration. Specify a min-idle value from 1 -
4294967295 bytes.
min-pkts
<1-4294967295>
Optional. Filters firewall flows with at least the given number of packets. Specify a min-bytes value from 1 -
4294967295 bytes.
not
Optional. Negates the filter expression selected
port <1-65535>
Optional. Matches either the source or destination port. Specify a port from 1 - 65535.
src <1-65535>
Optional. Matches only the source port with the specified port. Specify a port from 1 - 65535.
tcp
Optional. Matches TCP flows
udp
Optional. Matches UDP flows
firewall flows
Notifies a session has been established
management
{on <DEVICE-NAME>}
Optional. Displays management traffic firewall flows
•
on <DEVICE-NAME> – Optional. Displays firewall flows on a specified device
•
<DEVICE-NAME> – Specify the name of the AP, wireless controller, or service platform.
stats
{on <DEVICE-NAME>}
Optional. Displays active session summary
•
on <DEVICE-NAME> – Optional. Displays active session summary on a specified device
•
<DEVICE-NAME> – Specify the name of the AP, wireless controller, or service platform.
wireless-client <MAC>
Optional. Displays wireless clients firewall flows
•
<MAC> – Specify the MAC address of the wireless client.
on <DEVICE-NAME>
Optional. Displays all firewall flows on a specified device
•
<DEVICE-NAME> – Specify the name of the AP, wireless controller, or service platform.