Juniper SRX security policy lookup filter:
show security match-policies from-zone <zone_name> to-zone <zone_name> source-ip 10.2.2.2 source-port 2222 destination-ip 10.3.3.3 destination-port 80 protocol tcp logical-system <lsys_name> // source port is mandatory but is not strictly considered in search criteria
View active sessions:
show security flow session source-prefix 10.2.2.2 destination-prefix 10.3.3.3 logical-system <lsys_name> // ports and protocols can also be defined
Extra useful commands:
show security policies hit-count
show security policies policy-name <name>
show security policies from-zone <zone_name> to-zone <zone-name>