Install guide
62 Firewall Enhancements Release Note
Software Version 2.7.6
C613-10462-00 REV A
show firewall monitor
Syntax SHow FIREwall MOnitor
Description This command displays information about session monitoring (Figure 17,
Table 9).
Figure 17: Example output from the show firewall monitor command
Example To display the number of packets that the firewall has copied, use the
command:
sh fire mo
Firewall Monitoring
Status .................... enabled
Monitor IP Apply to Copy to In(pkts) Out(pkts)
--------------------------------------------------------------------------------
1 192.168.1.1 PRIVATE VLAN2 0 0
2 192.168.1.2 PRIVATE VLAN2 24 26
--------------------------------------------------------------------------------
Table 9: Parameters in output of the show firewall monitor command
Parameter Meaning
Status Whether firewall session monitoring is enabled or disabled.
Monitor The identification number of each monitor. This number uniquely
identifies the monitored device.
IP The IP address of the monitored device. The firewall copies all traffic that
comes to or from this address.
Copy to The interface to which the firewall transmits copies of packets; one of a
VLAN, an Eth interface, or “deleted” if the interface has been deleted.
Deleting the interface deactivates the monitor. Adding the interface back
again reactivates the monitor.
Apply to The firewall interface on which the firewall captures packets; one of
PRIVATE, PUBLIC, or BOTH. PRIVATE means that packets are copied
before firewall processing for outgoing packets and after firewall
processing for incoming packets. PUBLIC means that packets are copied
before firewall processing for incoming packets and after firewall
processing for outgoing packets.
In The number of incoming packets that the firewall has captured using this
monitor. The counter resets when the router or switch restarts.
Out The number of outgoing packets that the firewall has captured using this
monitor. The counter resets when the router or switch restarts.