'fwaccel conns' and 'fwaccel6 conns'

Description

Shows the list of the SecureXL connections on the local Security Gateway, or Cluster Member.

Warning - If the number of concurrent connections is large, when you run these commands, they can consume memory and CPU at very high level (see sk118716).

Syntax for IPv4

fwaccel [-i <SecureXL ID>] conns

-h

-f <filter>

-m <Number of Entries>

-s

Syntax for IPv6

fwaccel6 conns

-h

-f <Filter>

-m <Number of Entries>

-s

Parameters

Parameter	Description
`-h`	Shows the applicable built-in help.
`-i <`SecureXL ID`>`	Specifies the SecureXL instance ID (for IPv4 only).
`-f <`Filter`>`	Show the SecureXL Connections Table entries based on the specified filter flags. Notes: To see the available filter flags, run: `fwaccel conns -h` Each filter flag is one letter - capital, or small. You can specify more than one flag. For example: `fwaccel conns -f AaQq` Available filter flags are: `A` - Shows accounted connections (for which SecureXL counted the number of packets and bytes). `a` - Shows not accounted connections. `C` - Shows encrypted (VPN) connections. `c` - Shows clear-text (not encrypted) connections. `F` - Shows connections that SecureXL forwarded to Firewall. Note - In R80.20, SecureXL does not support this parameter. `f` - Shows cut-through connections (which SecureXL accelerated). Note - In R80.20, SecureXL does not support this parameter. `H` - Shows connections offloaded to the SAM card. Note - R80.20, does not support the SAM card (Known Limitation PMTR-18774). `h` - Shows connections created in the SAM card. Note - R80.20, does not support the SAM card (Known Limitation PMTR-18774). `L` - Shows connections, for which SecureXL created internal links. `l` - Shows connections, for which SecureXL did not create internal links. `N` - Shows connections that undergo NAT. Note - In R80.20, SecureXL does not support this parameter. `n` - Shows connections that do not undergo NAT. Note - In R80.20, SecureXL does not support this parameter. `Q` - Shows connections that undergo QoS. `q` - Shows connections that do not undergo QoS. `S` - Shows connections that undergo PXL. `s` - Shows connections that do not undergo PXL. `U` - Shows unidirectional connections. `u` - Shows bidirectional connections.
`-m <`Number of Entries`>`	Specifies the maximal number of connections to show. Important - In R80.20, SecureXL does not support this parameter.
`-s`	Shows the summary of SecureXL Connections Table (number of connections). Warning - Depending on the number of current connections, might consume memory at very high level.

Example - Default output from a non-VSX Gateway

[Expert@MyGW:0]# fwaccel conns

Source SPort Destination DPort PR Flags C2S i/f S2C i/f Inst Identity

--------------- ----- --------------- ----- -- ----------- ------- ------- ---- -------

1.1.1.200 50586 1.1.1.100 18191 6 F............. 2/2 2/- 3 0

192.168.0.244 35925 192.168.0.242 18192 6 F............. 1/1 -/- 1 0

192.168.0.93 257 192.168.0.242 53932 6 F............. 1/1 1/- 0 0

192.168.0.242 22 172.30.168.15 57914 6 F............. 1/1 -/- 2 0

192.168.0.244 34773 192.168.0.242 18192 6 F............. 1/1 -/- 2 0

192.168.0.88 138 192.168.0.255 138 17 F............. 1/1 -/- 0 0

1.1.1.100 18191 1.1.1.200 55336 6 F............. 2/2 2/- 4 0

192.168.0.242 18192 192.168.0.244 38567 6 F............. 1/1 -/- 4 0

192.168.0.242 53932 192.168.0.93 257 6 F............. 1/1 1/- 0 0

192.168.0.242 18192 192.168.0.244 62714 6 F............. 1/1 -/- 1 0

192.168.0.244 33558 192.168.0.242 18192 6 F............. 1/1 -/- 5 0

1.1.1.200 36359 1.1.1.100 18191 6 F............. 2/2 2/- 5 0

1.1.1.200 55336 1.1.1.100 18191 6 F............. 2/2 2/- 4 0

192.168.0.242 60756 192.168.0.93 257 6 F............. 1/1 1/- 4 0

1.1.1.100 18191 1.1.1.200 36359 6 F............. 2/2 2/- 5 0

1.1.1.100 18191 1.1.1.200 50586 6 F............. 2/2 2/- 3 0

192.168.0.244 38567 192.168.0.242 18192 6 F............. 1/1 -/- 4 0

192.168.0.242 18192 192.168.0.244 32877 6 F............. 1/1 -/- 5 0

192.168.0.242 53806 192.168.47.45 53 17 F............. 1/1 1/- 3 0

192.168.0.242 18192 192.168.0.244 33558 6 F............. 1/1 -/- 5 0

172.30.168.15 57914 192.168.0.242 22 6 F............. 1/1 -/- 2 0

192.168.0.255 138 192.168.0.88 138 17 F............. 1/1 -/- 0 0

192.168.0.93 257 192.168.0.242 60756 6 F............. 1/1 1/- 4 0

1.1.1.200 18192 1.1.1.100 37964 6 F............. 2/2 -/- 1 0

1.1.1.100 37964 1.1.1.200 18192 6 F............. 2/2 -/- 1 0

192.168.0.244 32877 192.168.0.242 18192 6 F............. 1/1 -/- 5 0

192.168.0.242 18192 192.168.0.244 34773 6 F............. 1/1 -/- 2 0

192.168.0.242 18192 192.168.0.244 35925 6 F............. 1/1 -/- 1 0

192.168.47.45 53 192.168.0.242 53806 17 F............. 1/1 1/- 3 0

192.168.0.244 62714 192.168.0.242 18192 6 F............. 1/1 -/- 1 0

Idx Interface

--- ---------

0 lo

1 eth0

2 eth1

Total number of connections: 30

[Expert@MyGW:0]#