由下列訊息可以看到紅色部份就是被Firewall擋下來的session.

root@SRX-3400> show security flow cp-session source-prefix 192.168.192.192

Session ID: 20311182, SPU: 1, Valid
  In: 192.168.192.192/52275 --> 31.13.70.65/443;tcp,
  Out: 31.13.70.65/443 --> 192.168.192.192/52275;tcp,

Session ID: 20601499, SPU: 2, Valid
  In: 192.168.192.192/52146 --> 69.171.245.49/443;tcp,
  Out: 69.171.245.49/443 --> 192.168.192.192/52146;tcp,

Session ID: 20854554, SPU: 1, Valid
  In: 192.168.192.192/52147 --> 69.171.245.49/443;tcp,
  Out: 69.171.245.49/443 --> 192.168.192.192/52147;tcp,

Session ID: 21206988, SPU: 1, Valid
  In: 192.168.192.192/52268 --> 31.13.70.6/443;tcp,
  Out: 31.13.70.6/443 --> 192.168.192.192/52268;tcp,

Session ID: 21250928, SPU: 2, Valid
  In: 192.168.192.192/52299 --> 17.172.232.76/443;tcp,
  Out: 17.172.232.76/443 --> 192.168.192.192/52299;tcp,

Session ID: 21697055, SPU: 2, Valid
  In: 192.168.192.192/52265 --> 31.13.70.6/443;tcp,
  Out: 31.13.70.6/443 --> 192.168.192.192/52265;tcp,

Session ID: 21761277, SPU: 2, Valid
  In: 192.168.192.192/51847 --> 69.171.235.48/443;tcp,
  Out: 69.171.235.48/443 --> 192.168.192.192/51847;tcp,

Session ID: 22137534, SPU: 2, Valid
  In: 192.168.192.192/51848 --> 69.171.235.48/443;tcp,
  Out: 69.171.235.48/443 --> 192.168.192.192/51848;tcp,

Session ID: 22308835, SPU: 2, Pending
  In: 192.168.192.192/52409 --> 125.209.222.88/10010;tcp,
  Out: 0.0.0.0/0 --> 0.0.0.0/0;0,           //沒有封包返回
Total sessions: 9

dreamtails 發表在 痞客邦 PIXNET 留言(0) 人氣()