...
| Блок кода |
|---|
esr(config)# security zone-pair trusted self esr(config)# security zone-pair any self vrf VRF |
show ip firewall counterscounters
Данная команда используется для просмотра статистики по пакетам, проходящим между зонами, для которых не установлена сессия.
...
| Блок кода |
|---|
esr# show ip firewall counters Zone-pair Rule Action Pkts Bytes Description ------------------------------ ---------- --------------- ---------- ---------- -------------------- any/any default deny 0 0 -- trusted/self 1 permit 1 0 0 permit From local to router trusted/trusted 0 1 0 permit 0 From local to router trusted/trusted0 1 permit 0 0 -- |
show ip firewall sessions
...
| Блок кода |
|---|
esr# show ip firewall sessions
Codes: E - expected, U - unreplied,
A - assured, C - confirmed
Prot Aging Inside Aging Inside source Outside Outside
Inside destination Outside source Outside destination Pkts source Bytes destination Pkts Status Bytes Status
----- ------ ---- ------------- -------- --------------------- --------------------- --------------------- ---------- ---------- ------
icmp 22 10.0.22.3 10.0.22.15 10.0.22.3 10.0.22.15 1 84 C
udp 19 192.168.0.15:138 192.168.0.37:138 192.168.0.15:138 192.168.0.37:138 5 1100 UC |
show ip firewall sessions tracking
...
| Блок кода |
|---|
esr# show ipv6 firewall counters trusted self Zone-pair Rule Action Pkts Bytes Description ------------------------------ ---------- --------------- ---------- ---------- -------------------- any/any any default deny default deny 0 0 0 -- trusted/self 1 permit 0 0 From local to router trusted/trusted 1 permit 0 0 -- |
| Якорь | ||||
|---|---|---|---|---|
|
...
| Блок кода |
|---|
esr# show security zone-pair From zone To zone VRF From zone To zone Description VRF Description ------------- ------------- -------------------------------- ------------------------------------------- trusted untrusted -- Transit zone-pair trusted trusted -- -- trusted self WAN-2 From WAN-2 untrusted self WAN-1 From WAN-1 |
show security zone-pair configuration
...