fwaccel, fwaccel6
These commands let you dynamically enable or disable acceleration for IPv4 traffic while the 61000/41000 Security System is in operation. fwaccel6 has the same functionality as fwaccel, but is for IPv6 traffic. This setting goes back to the default value after reboot.
When you run these commands from gclish, fwaccel and fwaccel6 are, for most parameters, comparison global commands that show combined information from all SGMs. The fwaccel stats and fwaccel notifstats commands show aggregated statistics from all SGMs.
Syntax
> fwaccel {on|off|stat|stats [-s} [-d] |conns [-s] -m <max_entries> [-b <sgm_ids>]
> fwaccel templates[-s] [-m <max_entries>] [-b <sgm_ids>]
> fwaccel6 {on|off|stat|stats [-s} [-d] |conns [-s] -m <max_entries> [-b <sgm_ids>]
> fwaccel6 templates[-s] [-m <max_entries>] [-b <sgm_ids>]
Parameter
|
Description
|
-b
|
Works with SGMs and/or Chassis as specified by <sgm_ids>.
<sgm_ids> can be:
- No <sgm_ids> specified or
all shows all SGMs and Chassis - One SGM
- A comma-separated list of SGMs (
1_1,1_4) - A range of SGMs (
1_1-1_4) - One Chassis (
Chassis1 or Chassis2) - The active Chassis (
chassis_active)
Note: You can only select SGMs from one Chassis with this option.
|
on
|
Starts acceleration
|
off
|
Stops acceleration
|
stat
|
Shows the acceleration device status and the status of the Connection Templates on the local Security Gateway.
|
stats
|
Shows acceleration statistics.
|
stats -s
|
Shows more summarized statistics.
|
stats -d
|
Shows dropped packet statistics.
|
conns
|
Shows all connections.
|
conns -s
|
Shows the number of connections defined in the accelerator.
|
conns -m <max_entries>
|
Limits the number of connections displayed by the conns command to <max_entries>.
|
templates
|
Shows all connection templates.
|
templates -m <max_entries>
|
Limits the number of templates displayed by the templates command to <max_entries>.
|
templates -s
|
Shows the number of templates currently defined in the accelerator.
|
Example
> fwaccel stats
Displaying aggregated data from blades: all
Name Value Name Value
-------------------- --------------- -------------------- --------------
Accelerated Path
-----------------------------------------------------------------------------
accel packets 6518 accel bytes 870476
conns created 38848 conns deleted 38043
C total conns 801 C templates 0
C TCP conns 493 C delayed TCP conns 0
C non TCP conns 308 C delayed nonTCP con 0
conns from templates 0 temporary conns 0
nat conns 0 C nat conns 0
dropped packets 0 dropped bytes 0
nat templates 0 port alloc templates 0
conns from nat tmpl 0 port alloc conns 0
Policy deleted tmpl 0 C Policy deleted tmp 0
Accelerated VPN Path
-----------------------------------------------------------------------------
C crypt conns 0 enc bytes 0
dec bytes 0 ESP enc pkts 0
ESP enc err 0 ESP dec pkts 0
ESP dec err 0 ESP other err 0
AH enc pkts 0 AH enc err 0
AH dec pkts 0 AH dec err 0
AH other err 0 espudp enc pkts 0
espudp enc err 0 espudp dec pkts 0
espudp dec err 0 espudp other err 0
Medium Path
-----------------------------------------------------------------------------
PXL packets 0 PXL async packets 0
PXL bytes 0 PXL conns 0
C PXL conns 0 C PXL templates 0
Firewall Path
-----------------------------------------------------------------------------
F2F packets 10077862 F2F bytes 1185051123
F2F conns 38839 C F2F conns 800
TCP violations 0 C partial conns 0
C anticipated conns 0
General
-----------------------------------------------------------------------------
memory used 0 free memory 0
(*) Statistics marked with C refer to current value, others refer to total value
|
