Table 13: show firewall Output Fields
Field Description
Field Name
Name of a filter that has been configured with the
filter
statement at the
[edit firewall]
hierarchy
level.
Except on EX Series switches:
•
When an interface-specific filter is displayed, the name of the filter is followed by the full
interface name and by either
-i
for an input filter or
-o
for an output filter.
•
When dynamic filters are displayed, the name of the filter is followed by the full interface name
and by either
-in
for an input filter or
-out
for an output filter. When a logical system–specific
filter is displayed, the name of the filter is prefixed with two underscore (__) characters and the
name of the logical system (for example,
__ls1/filter1
).
•
When a service filter is displayed that uses a service set, the separator between the service-set
name and the service-filter name is a semicolon (:).
NOTE:
For
bridge family filter
, the
ip-protocol
match criteria is supported only for IPv4 and not
for IPv6. This is applicable for line cards that support the Junos Trio chipset, such as the MX 3D
MPC line cards.
Filter
Display filter counter information:
•
Name
—Name of a filter counter that has been configured with the
counter
firewall filter action.
•
Bytes
—Number of bytes that match the filter term under which the
counter
action is specified.
•
Packets
—Number of packets that matched the filter term under which the
counter
action is
specified.
NOTE:
On M and T Series routers, firewall filters cannot count
ip-options
packets on a per option
type and per interface basis. A limited work around is to use the
show pfe statistics ip options
command to see
ip-options
statistics on a per Packet Forwarding Engine (PFE) basis. See
show
pfe statistics ip
for sample output.
Counters
Display policer information:
•
Name
—Name of policer.
•
Bytes
—(For two-color policers on MX Series routers and EX Series switches, and for hierarchical
policers on interfaces hosted on MICs and MPCs in MX Series routers) Number of bytes that
match the filter term under which the policer action is specified. This is only the number
out-of-specification (out-of-spec) byte counts, not all the bytes in all packets policed by the
policer.
For other combinations of policer type, device, and line card type, this field is blank.
•
Packets
—Number of packets that matched the filter term under which the policer action is
specified. This is only the number of out-of-specification (out-of-spec) packet counts, not all
packets policed by the policer.
Policers
(EX8200 switch only) Global management counter ID. The counter ID value (
counter-index
) can
be 0, 1, or 2.
Policer Counter Index
(EX8200 switch only) Number of packets within the limits. The number of packets is smaller than
the committed information rate (CIR).
Green
(EX8200 switch only) Number of packets partially within the limits. The number of packets is
greater than the CIR, but the burst size is within the excess burst size (EBS) limit.
Yellow
Copyright © 2016, Juniper Networks, Inc.
246
Traffic Policers Feature Guide for EX9200 Switches
Summary of Contents for EX9200 Series
Page 8: ...Copyright 2016 Juniper Networks Inc viii Traffic Policers Feature Guide for EX9200 Switches ...
Page 10: ...Copyright 2016 Juniper Networks Inc x Traffic Policers Feature Guide for EX9200 Switches ...
Page 12: ...Copyright 2016 Juniper Networks Inc xii Traffic Policers Feature Guide for EX9200 Switches ...
Page 20: ...Copyright 2016 Juniper Networks Inc 2 Traffic Policers Feature Guide for EX9200 Switches ...
Page 32: ...Copyright 2016 Juniper Networks Inc 14 Traffic Policers Feature Guide for EX9200 Switches ...
Page 34: ...Copyright 2016 Juniper Networks Inc 16 Traffic Policers Feature Guide for EX9200 Switches ...
Page 42: ...Copyright 2016 Juniper Networks Inc 24 Traffic Policers Feature Guide for EX9200 Switches ...
Page 54: ...Copyright 2016 Juniper Networks Inc 36 Traffic Policers Feature Guide for EX9200 Switches ...
Page 56: ...Copyright 2016 Juniper Networks Inc 38 Traffic Policers Feature Guide for EX9200 Switches ...
Page 72: ...Copyright 2016 Juniper Networks Inc 54 Traffic Policers Feature Guide for EX9200 Switches ...
Page 132: ...Copyright 2016 Juniper Networks Inc 114 Traffic Policers Feature Guide for EX9200 Switches ...
Page 152: ...Copyright 2016 Juniper Networks Inc 134 Traffic Policers Feature Guide for EX9200 Switches ...
Page 162: ...Copyright 2016 Juniper Networks Inc 144 Traffic Policers Feature Guide for EX9200 Switches ...
Page 178: ...Copyright 2016 Juniper Networks Inc 160 Traffic Policers Feature Guide for EX9200 Switches ...
Page 186: ...Copyright 2016 Juniper Networks Inc 168 Traffic Policers Feature Guide for EX9200 Switches ...
Page 188: ...Copyright 2016 Juniper Networks Inc 170 Traffic Policers Feature Guide for EX9200 Switches ...
Page 202: ...Copyright 2016 Juniper Networks Inc 184 Traffic Policers Feature Guide for EX9200 Switches ...
Page 212: ...Copyright 2016 Juniper Networks Inc 194 Traffic Policers Feature Guide for EX9200 Switches ...
Page 214: ...Copyright 2016 Juniper Networks Inc 196 Traffic Policers Feature Guide for EX9200 Switches ...
Page 278: ...Copyright 2016 Juniper Networks Inc 260 Traffic Policers Feature Guide for EX9200 Switches ...