Evil TTL - Network Solutions
Evil TTL   >   Juniper SRX Security Policy Lookup

Evil_TTL> show | s

Juniper SRX Security Policy Lookup

Category:Juniper -> Security

Juniper SRX security policy lookup filter:

show security match-policies from-zone <zone_nameto-zone <zone_namesource-ip 10.2.2.2 source-port 2222 destination-ip 10.3.3.3 destination-port 80 protocol tcp logical-system <lsys_name// source port is mandatory but is not strictly considered in search criteria 

View active sessions:

show security flow session source-prefix 10.2.2.2 destination-prefix 10.3.3.3 logical-system <lsys_name// ports and protocols can also be defined 

Extra useful commands:

show security policies hit-count
show security policies policy-name <name>
show security policies from-zone <zone_nameto-zone <zone-name
By privilege15