Skip to content

Support



Juniper was the first North American IP routing vendor to achieve the prestigious TL 9000 certification by the Quality of Excellence for Suppliers of Telecommunications (QuEST) Forum in the router category, for design, development, provision and service and support.



What is J-Care?

It's the world-class service and support that you expect from a company that delivers the industry's best infrastructure and security products. With J-Care, you now have the confidence knowing that Juniper will do our part to keep you on top of the world!


show firewall

Syntax

show firewall
<counter counter-name>
<filter filter-name>

Release Information

Command introduced in JUNOS Release 9.0 for EX-series switches.

Description

Display statistics about configured firewall filters.

Options

none — Display statistics about all configured firewall filters, counters, and policers.

counter counter-name(Optional) Display statistics about a particular firewall filter counter.

filter filter-name(Optional) Display statistics about a particular firewall filter.

Required Privilege Level

view

List of Sample Output

show firewall
show firewall (filter filter-name)
show firewall (counter counter-name)

Output Fields

Table 1 lists the output fields for the show firewall command. Output fields are listed in the approximate order in which they appear.

Table 1: show firewall Output Fields

Field Name

Field Description

Level of Output

Filter

Name of the filter that is configured with the filter statement at the [edit firewall] hierarchy level.

All levels

Counters

Display filter counter information:

  • Name—Name of a filter counter that has been configured with the counter firewall filter action
  • Bytes—Number of bytes that match the filter term where the counter action was specified.
  • Packets—Number of packets that matched the filter term where the counter action was specified.

All levels

Policers

Display policer information:

  • Name—Name of policer.
  • Packets—Number of packets that matched the filter term where the policer action was specified. This is the number of packets that exceed the rate limits that the policer specifies.

All levels

show firewall

user@host> show firewall 
Filter: egress-vlan-filter
Counters:
Name                                                Bytes              Packets
employee-web-counter                                   0                    0
Filter: ingress-port-filter
Counters:
Name                                                Bytes              Packets
ingress-port-counter                                    0                    0
Filter: ingress-port-voip-class-filter
Counters:
Name                                                Bytes              Packets
icmp-counter                                            0                    0
Policers:
Name                                              Packets
icmp-connection-policer                                 0
tcp-connection-policer                                  0

show firewall (filter filter-name)

user@host> show firewall filter egress-vlan-filter 
Filter: egress-vlan-filter
Counters:
Name                                                Bytes              Packets
employee-web-counter                                   0                    0

show firewall (counter counter-name)

user@host> show firewall counter icmp-counter 
Filter: ingress-port-voip-class-filter
Counters:
Name                                                Bytes              Packets
icmp-counter                                            0                    0