Print Download PDF Send Feedback

Previous

Next

fw ctl multik gconn

Description

Shows statistics about CoreXL Global Connections that Security Gateway stores in the kernel table fw_multik_ld_gconn_table.

The CoreXL Global Connections table contains information about which CoreXL FW instance owns which connections.

Notes:

Syntax

fw [-d] ctl multik gconn

-h

-p

-sec

-seg <Number>

Parameters

Parameter

Description

-d

Runs the command in debug mode. Use only if you troubleshoot the command itself.

none

Shows the interactive menu for the CoreXL Firewall Priority Queues.

-h

Shows the built-in help.

-p

Shows the additional information about each CoreXL FW instance, including the information about Firewall Priority Queues:

  • I/O (In or Out)
  • Inst. ID (CoreXL FW instance ID)
  • Flags
  • Seq (Sequence)
  • Hold_ref (Hold reference)
  • Prio (Firewall Priority Queues mode)
  • last_enq_jiff (Jiffies since last enqueue)
  • queue_indx (Queue index number)
  • conn_tokens (Connection Tokens)

-s

Shows the total number of global connections.

-sec

Shows the additional information about each CoreXL FW instance:

  • I/O (In or Out)
  • Inst. ID (CoreXL FW instance ID)
  • Flags
  • Seq (Sequence)
  • Hold_ref (Hold reference)

-seg <Number>

Shows the default information about the specified Global Connections Segment.

Example 1 - Default information

[Expert@MyGW:0]# fw ctl multik gconn

Default:

==========================================================================================================================

| Segm | Src IP | S.port | Dst IP | D.port | Proto | Flags | PP |Ref Cnt(I/O)|Inst|PPAK ID|clstr mem ID|Rec. ref|Rec. Type|

==========================================================================================================================

| 0 | 192.168.3.52 | 18192 | 192.168.3.240 | 46082 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |

| 0 | 192.168.3.52 | 54216 | 192.168.3.240 | 257 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |

| 0 | 192.168.3.240 | 53925 | 192.168.3.53 | 18192 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |

| 0 | 192.168.3.240 | 257 | 192.168.3.52 | 54216 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |

| 0 | 192.168.3.53 | 18192 | 192.168.3.240 | 64216 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 15 | 0 | UNDEF |

| 0 | 0.0.0.0 | 8116 | 192.168.3.53 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |

| 0 | 0.0.0.0 | 8116 | 192.168.3.52 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |

| 0 | 192.168.3.240 | 64216 | 192.168.3.53 | 18192 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 15 | 0 | UNDEF |

| 0 | 192.168.3.52 | 8116 | 0.0.0.0 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |

| 0 | 172.20.168.16 | 63800 | 192.168.3.53 | 22 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |

| 0 | 192.168.3.240 | 46082 | 192.168.3.52 | 18192 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |

| 0 | 192.168.3.53 | 8116 | 0.0.0.0 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |

| 0 | 192.168.3.53 | 22 | 172.20.168.16 | 63800 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |

| 0 | 192.168.3.53 | 18192 | 192.168.3.240 | 53925 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |

==========================================================================================================================

FP - from pool. T - temporary connection. PP - pending pernament.

[Expert@MyGW:0]#

Example 2 - Summary information only

[Expert@MyGW:0]# fw ctl multik gconn -s

Summary:

Total number of global connections: 12

[Expert@MyGW:0]#

Example 3 - Additional information about each CoreXL FW instance, including the information about Firewall Priority Queues

[Expert@MyGW:0]# fw ctl multik gconn -p

Instance section prio info:

=======================================================================================================================================================================================================

| Segm | Src IP | S.port | Dst IP | D.port | Proto | Flags | PP |Ref Cnt(I/O)|Inst|PPAK ID|clstr mem ID|Rec. ref|Rec. Type|Inst. Section: I/O|Inst. ID|Flags| Seq | Hold_ref |Prio:|last_enq_jiff|queue_indx|conn_tokens

=======================================================================================================================================================================================================

| 0 | 192.168.3.52 | 18192 | 192.168.3.240 | 46082 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.240 | 53925 | 192.168.3.53 | 18192 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 0 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.240 | 257 | 192.168.3.52 | 35883 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.53 | 18192 | 192.168.3.240 | 64216 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 15 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 0.0.0.0 | 8116 | 192.168.3.53 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 0.0.0.0 | 8116 | 192.168.3.52 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.240 | 64216 | 192.168.3.53 | 18192 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 15 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.52 | 8116 | 0.0.0.0 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 172.20.168.16 | 63800 | 192.168.3.53 | 22 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 0 | Perm | 494 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.240 | 46082 | 192.168.3.52 | 18192 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.52 | 35883 | 192.168.3.240 | 257 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.53 | 8116 | 0.0.0.0 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.53 | 22 | 172.20.168.16 | 63800 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 0 | Perm | 280 | 0 |Prio:| 0 | -1 | 0 |

| 0 | 192.168.3.53 | 18192 | 192.168.3.240 | 53925 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 0 | Perm | 219 | 0 |Prio:| 0 | -1 | 0 |

=======================================================================================================================================================================================================

FP - from pool. T - temporary connection. PP - pending pernament. In - inbound. Out - outbound.

[Expert@MyGW:0]#

Example 4 - Additional information about each CoreXL FW instance

[Expert@MyGW:0]# fw ctl multik gconn -sec

Instance section:

======================================================================================================================================================================

| Segm | Src IP | S.port | Dst IP | D.port | Proto | Flags | PP |Ref Cnt(I/O)|Inst|PPAK ID|clstr mem ID|Rec. ref|Rec. Type|Inst. Section: I/O|Inst. ID|Flags| Seq | Hold_ref |

======================================================================================================================================================================

| 0 | 192.168.3.52 | 18192 | 192.168.3.240 | 46082 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |

| 0 | 192.168.3.52 | 52864 | 192.168.3.240 | 257 | 6 |FP .. ..| No | 0/0 | 2 | 32 | 0 | 0 | UNDEF |Inst. Section: Out | 2 | Perm | 0 | 0 |

| 0 | 192.168.3.240 | 53925 | 192.168.3.53 | 18192 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 0 | Perm | 0 | 0 |

| 0 | 192.168.3.53 | 18192 | 192.168.3.240 | 64216 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 15 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |

| 0 | 192.168.3.53 | 60186 | 192.168.3.240 | 257 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 76 | 0 |

| 0 | 0.0.0.0 | 8116 | 192.168.3.53 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |

| 0 | 0.0.0.0 | 8116 | 192.168.3.52 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |

| 0 | 192.168.3.240 | 64216 | 192.168.3.53 | 18192 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 15 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |

| 0 | 192.168.3.52 | 8116 | 0.0.0.0 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |

| 0 | 172.20.168.16 | 63800 | 192.168.3.53 | 22 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 0 | Perm | 479 | 0 |

| 0 | 192.168.3.240 | 46082 | 192.168.3.52 | 18192 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 0 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |

| 0 | 192.168.3.53 | 8116 | 0.0.0.0 | 8116 | 17 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 1 | Perm | 0 | 0 |

| 0 | 192.168.3.240 | 257 | 192.168.3.52 | 52864 | 6 |FP .. ..| No | 0/0 | 2 | 32 | 0 | 0 | UNDEF |Inst. Section: In | 2 | Perm | 0 | 0 |

| 0 | 192.168.3.53 | 22 | 172.20.168.16 | 63800 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 0 | Perm | 257 | 0 |

| 0 | 192.168.3.53 | 18192 | 192.168.3.240 | 53925 | 6 |FP .. ..| No | 0/0 | 0 | 32 | 1 | 0 | UNDEF |Inst. Section: Out | 0 | Perm | 219 | 0 |

| 0 | 192.168.3.240 | 257 | 192.168.3.53 | 60186 | 6 |FP .. ..| No | 0/0 | 1 | 32 | 1 | 0 | UNDEF |Inst. Section: In | 1 | Perm | 0 | 0 |

======================================================================================================================================================================

FP - from pool. T - temporary connection. PP - pending pernament. In - inbound. Out - outbound.

[Expert@MyGW:0]#

27 December 2020
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2020 Check Point Software Technologies Ltd. All rights reserved.