'fwaccel templates' and 'fwaccel6 templates'

Description

Shows the contents of the SecureXL templates tables:

Accept Templates
Drop Templates

Important - Based on the number of current templates, these commands can consume memory at very high level.

Syntax for IPv4

fwaccel [-i <SecureXL ID>] templates

[-h]

[-d]

[-m <Number of Rows>]

[-s]

[-S]

Syntax for IPv6

fwaccel6 templates

[-h]

[-d]

[-m <Number of Rows>]

[-s]

[-S]

Parameters

Parameter	Description
`-i <`SecureXL ID`>`	Specifies the SecureXL instance ID (for IPv4 only).
No Parameters	Shows the contents of the SecureXL Accept Templates table (Table Name - `cphwd_tmpl`, Table ID - 8111).
`-h`	Shows the applicable built-in usage.
`-d`	Shows the contents of the SecureXL Drop Templates table.
`-m <`Number of Rows`>`	Specifies how many rows to show from the templates table. Note - The command counts from the top of the table. Default : 1000
`-s`	Shows the summary of SecureXL Connections Templates (number of templates)
`-S`	Shows statistics for the SecureXL Connections Templates.

Accept Templates flags

One or more of these flags appears in the output:

Flag	Description
A	Connection is accounted (SecureXL counts the number of packets and bytes).
B	Connection is created for a rule that contains an Identity Awareness object, or for a rule below that rule.
D	Connection is created for a rule that contains a Domain object, or for a rule below that rule.
I	Identity Awareness (NAC) is enabled for this connection.
N	Connection is NATed.
O	Connection is created for a rule that contains a Dynamic object, or for a rule below that rule.
Q	QoS is enabled for this connection.
R	Connection is created for a rule that contains a Traceroute object, or for a rule below that rule.
S	PXL (combination of SecureXL and PSL (Passive Streaming Library)) is enabled for this connection.
T	Connection is created for a rule that contains a Time object, or for a rule below that rule.
U	Connection is unidirectional.
Z	Connection is created for a rule that contains a Security Zone object, or for a rule below that rule.

Drop Templates flags

One or more of these flags appears in the output:

Flag	Description
D	Drop template exists for this connection.
L	Log and Drop action for this connection.

Example 1 - Default output

[Expert@MyGW:0]# fwaccel templates

Source SPort Destination DPort PR Flags LCT DLY C2S i/f S2C i/f

--------------- ----- --------------- ----- -- ------------ ---- --- ------- -------

192.168.10.20 * 192.168.10.50 80 6 0 0 0 eth5/eth1 eth1/eth5

[Expert@MyGW:0]#

Example 2 - Drop Templates

[Expert@MyGW:0]# fwaccel templates -d

The SecureXL drop templates table is empty

[Expert@MyGW:0]#

Example 3 - Summary of SecureXL Connections Templates

[Expert@MyGW:0]# fwaccel templates -s

Total number of templates: 1

[Expert@MyGW:0]#

Example 4 - Templates statistics

[Expert@MyGW:0]# fwaccel templates -S

Templates stats:

Name Value Name Value

-------------------- ------------ -------------------- ------------

C templates 0 conns from templates 0

nat templates 0 conns from nat tmpl 0

C CPASXL templates 0 C PSLXL templates 0

C used templates 0 cpasxl tmpl conns 0

pslxl tmpl conns 0 C conns from tmpl 0

[Expert@MyGW:0]#