Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Understanding debug flow filters

0

0

Article ID: KB6709 KB Last Updated: 06 Feb 2013Version: 7.0
Summary:
This article provides information about debug flow filters.
Symptoms:
Environment:

  • ffilter

  • flow filters

Symptoms and Errors:

Debug data is not being captured.
Cause:

Solution:

The debug flow filters can be configured to be logical AND or OR statements.

OR operation:

When the filters are typed on separate lines, they will be logically OR:

set ffilter src-ip <ip address X>
set ffilter dst-ip <ip address Y>
set ffilter ip-proto <protocol #>

This will capture the data if the source OR destination matches the specified IP address OR if the data matches the specified IP protocol.

AND operation:

When the ffilters are typed on the same line, they will be logically AND:

set ffilter src-ip <ip address X> dst-ip <ip address Y> ip-proto <protocol#>


Only data, for which the source address matches the specified IP address (X) AND the destination address matches the specified IP address (Y) AND the protocol # matches the specified #, will be captured.  A match must be found for all statements or the data will not be captured.

Note: You can configure up to eight flow filters.

For more information, refer the following articles:

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search