Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

What is the difference between 'Show firewall log' and 'show log firewall'?

0

0

Article ID: KB31449 KB Last Updated: 24 Feb 2017Version: 2.0
Summary:

This article explains the difference between the Junos command 'show firewall log' and 'show log firewall'.

Solution:

'show firewall log'


This command shows the traffic logged in firewall filter.

Example:
user@mx# show firewall family inet filter PROTECT-RE-IN | display set
set firewall family inet filter PROTECT-RE-IN term 1 from protocol icmp
set firewall family inet filter PROTECT-RE-IN term 1 then log
set firewall family inet filter PROTECT-RE-IN term 1 then accept user@mx# show interfaces lo0 | display set
set interfaces lo0 unit 0 family inet filter input PROTECT-RE-IN

user@mx# run show firewall log

Time Filter Action Interface Protocol Src Addr Dest Addr
14:10:39 pfe A xe-5/1/0.0 ICMP 10.252.4.206 10.252.70.21
14:10:37 pfe A xe-5/1/0.0 ICMP 172.24.7.229 10.252.70.21
14:10:36 pfe A xe-5/1/0.0 ICMP 172.24.7.229 10.252.70.21
No “run clear firewall log” command , the log is in kernel cache and cannot be cleared, except through a reboot

'show log firewall'

Here, the firewall is a syslog file, configured as follows:

user@mx# show system syslog file firewall | display set
set system syslog file firewall firewall any
user@mx# show firewall family inet filter PROTECT-RE-IN | display set
set firewall family inet filter PROTECT-RE-IN term 1 from protocol icmp
set firewall family inet filter PROTECT-RE-IN term 1 then syslog
set firewall family inet filter PROTECT-RE-IN term 1 then accept

user@mx# run show log firewall
Jun 12 14:12:44 re0-sur02-cran7 fpc5 PFE_FW_SYSLOG_IP: FW: xe-5/1/0.0 A icmp 10.252.4.206 10.252.70.21 11 0 (2 packets)
Jun 12 14:12:45 re0-sur02-cran7 fpc5 PFE_FW_SYSLOG_IP: FW: xe-5/1/0.0 A icmp 10.252.4.206 10.252.70.21 11 0 (1 packets)


You can use 'clear log firewall' to clear the file.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search