Description
Shows formatted list of current connections from the Connections kernel table (ID 8158).
Use this command if you want to see the simplified information about the current connections.
Note - Use the fw tab -t connections -f command if you want to see the detailed (and more technical) information about the current connections.
Syntax
fw [-d] ctl conntab
      {-h | -help}
      -sip=<Source IP Address in Decimal Format>
      -sport=<Port Number in Decimal Format>
      -dip=<Destination IP Address>
      -dport=<Port Number in Decimal Format>
      -proto=<Protocol Name>
      -service=<Name of Service>
      -rule=<Rule Number in Decimal Format>
Important - You can specify many parameters at the same time.
Parameters
| Parameter | Description |
|---|---|
| -h, -help | Shows the built-in usage. |
| -d | Runs the command in debug mode. Use only if you troubleshoot the command itself. |
| -sip=<Source IP Address in Decimal Format> | Filters the output by the specified Source IP address. |
| -sport=<Port Number in Decimal Format> | Filters the output by the specified Source Port number. |
| -dip=<Destination IP Address> | Filters the output by the specified Destination IP address. |
| -dport=<Port Number in Decimal Format> | Filters the output by the specified Destination Port number. |
| -proto=<Protocol Name> | Filters the output by the specified Protocol name. For example: |
| -service=<Name of Service> | See the names of Services in SmartConsole, or in the output of the |
| -rule=<Rule Number in Decimal Format> | See your Rule Base in SmartConsole, or in the output of the |
Example 1 - Default output
[Expert@MyGW:0]# fw ctl conntab
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3593/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
<(outbound, src=[192.168.204.40,59249], dest=[192.168.204.1,53], UDP); 20/40, rule=0, service=domain-udp(335), Ifnsout=1, conn modules: Authentication, FG-1>
<(outbound, src=[192.168.204.40,37892], dest=[192.168.204.1,53], UDP); 20/40, rule=0, service=domain-udp(335), Ifnsin=1, Ifnsout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 2 - Filter by a destination port
[Expert@MyGW:0]# fw ctl conntab -dport=22
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3594/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 3 - Filter by a destination port
[Expert@MyGW:0]# fw ctl conntab -dport=53
<(outbound, src=[192.168.204.40,33585], dest=[192.168.204.1,53], UDP); 39/40, rule=0, service=domain-udp(335), Ifnsout=1, conn modules: Authentication, FG-1>
<(outbound, src=[192.168.204.40,56661], dest=[192.168.204.1,53], UDP); 39/40, rule=0, service=domain-udp(335), Ifnsin=1, Ifnsout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 4 - Filter by a source port
[Expert@MyGW:0]# fw ctl conntab -sport=54201
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3600/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 5 - Filter by a protocol
[Expert@MyGW:0]# fw ctl conntab -proto=UDP
<(outbound, src=[192.168.204.40,44966], dest=[192.168.204.1,53], UDP); 37/40, rule=0, service=domain-udp(335), Ifnsin=1, Ifnsout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 6 - Filter by a protocol
[Expert@MyGW:0]# fw ctl conntab -proto=TCP
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3596/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 7 - Filter by a service
[Expert@MyGW:0]# fw ctl conntab -service=domain-udp
<(outbound, src=[192.168.204.40,44966], dest=[192.168.204.1,53], UDP); 35/40, rule=0, service=domain-udp(335), Ifnsin=1, Ifnsout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 8 - Filter by a rule number
[Expert@MyGW:0]# fw ctl conntab -rule=2
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3597/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
Example 9 - Filter by a destination IP address, destination port, protocol, and service
[Expert@MyGW:0]# fw ctl conntab -dip=192.168.204.40 -dport=22 -proto=TCP -service=ssh
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3599/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
[Expert@MyGW:0]#
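The one-line records in Examples 1 to 9 are regular enough to parse for triage, for instance to count live connections per rule and service. The Python below is an added example, not Check Point code; the function names and the field labels `expires`, `timeout` and `service_num` are chosen for this illustration, and the sample input is copied from Example 1.

```python
import re
from collections import Counter

# Sample input: the three records from the page's Example 1 output.
SAMPLE = """\
<(inbound, src=[192.168.204.1,54201], dest=[192.168.204.40,22], TCP); 3593/3600, rule=2, tcp state=TCP_ESTABLISHED, service=ssh(481), Ifncin=1, Ifncout=1, conn modules: Authentication, FG-1>
<(outbound, src=[192.168.204.40,59249], dest=[192.168.204.1,53], UDP); 20/40, rule=0, service=domain-udp(335), Ifnsout=1, conn modules: Authentication, FG-1>
<(outbound, src=[192.168.204.40,37892], dest=[192.168.204.1,53], UDP); 20/40, rule=0, service=domain-udp(335), Ifnsin=1, Ifnsout=1, conn modules: Authentication, FG-1>
"""

# Field labels are this example's own; "tcp state" and "service" are optional.
RECORD = re.compile(
    r"<\((?P<direction>\w+), src=\[(?P<sip>[^,\]]+),(?P<sport>\d+)\], "
    r"dest=\[(?P<dip>[^,\]]+),(?P<dport>\d+)\], (?P<proto>[^)]+)\); "
    r"(?P<expires>\d+)/(?P<timeout>\d+), rule=(?P<rule>\d+)"
    r"(?:, tcp state=(?P<tcp_state>\w+))?"
    r"(?:, service=(?P<service>[^,(]+)\((?P<service_num>\d+)\))?"
    r"(?P<rest>[^>]*)>"
)

def parse_conntab(text):
    """Return one dict per connection record found in `text`."""
    conns = []
    for m in RECORD.finditer(text):
        c = m.groupdict()
        for key in ("sport", "dport", "expires", "timeout", "rule"):
            c[key] = int(c[key])
        rest = c.pop("rest")
        # Everything after "conn modules:" is a comma-separated module list.
        head, _, mods = rest.partition("conn modules:")
        c["modules"] = [x.strip() for x in mods.split(",") if x.strip()]
        # The remaining "Ifn...=N" pairs are kept as printed, keyed by name.
        c["interfaces"] = {k: int(v) for k, v in re.findall(r"(Ifn\w+)=(-?\d+)", head)}
        conns.append(c)
    return conns

def summarize(conns):
    """Count connections per (rule, service, proto) for quick triage."""
    return Counter((c["rule"], c["service"], c["proto"]) for c in conns)

if __name__ == "__main__":
    for key, n in summarize(parse_conntab(SAMPLE)).most_common():
        print(n, key)
```

Because the parser scans for records rather than whole lines, it also accepts captured terminal text in which the shell prompt and the first record share a line.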
Example 10 - Formatted detailed output from the Connections table (for comparison)
[Expert@MyGW:0]# fw tab -t connections -f
Formatting table's data - this might take a while...
localhost:
Date: Sep 10, 2018
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : (+)====================================(+); Table_Name: connections; : (+); Attributes: dynamic, id 8158, attributes: keep, sync, aggressive aging, kbufs 21 22 23 24 25 26 27 28 29 30 31 32 33 34, expires 25, refresh, , hashsize 2097152, unlimited; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : -----------------------------------(+); Direction: 1; Source: 192.168.204.40; SPort: 54201; Dest: 192.168.204.1; DPort: 53; Protocol: udp; CPTFMT_sep: ;; Type: 131073; Rule: 0; Timeout: 335; Handler: 0; Ifncin: -1; Ifncout: -1; Ifnsin: -1; Ifnsout: 1; Bits: 0000780000000000; Expires: 23/40; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : -----------------------------------(+); Direction: 0; Source: 192.168.204.1; SPort: 53; Dest: 192.168.204.40; DPort: 54201; Protocol: udp; CPTFMT_sep_1: ->; Direction_1: 1; Source_1: 192.168.204.40; SPort_1: 54201; Dest_1: 192.168.204.1; DPort_1: 53; Protocol_1: udp; FW_symval: 2054; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : -----------------------------------(+); Direction: 1; Source: 192.168.204.40; SPort: 22; Dest: 192.168.204.1; DPort: 54201; Protocol: tcp; CPTFMT_sep_1: ->; Direction_2: 0; Source_2: 192.168.204.1; SPort_2: 54201; Dest_2: 192.168.204.40; DPort_2: 22; Protocol_2: tcp; FW_symval: 2053; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : -----------------------------------(+); Direction: 0; Source: 192.168.204.1; SPort: 54201; Dest: 192.168.204.40; DPort: 22; Protocol: tcp; CPTFMT_sep: ;; Type: 114689; Rule: 2; Timeout: 481; Handler: 0; Ifncin: 1; Ifncout: 1; Ifnsin: -1; Ifnsout: -1; Bits: 02007800000f9000; Expires: 3596/3600; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : -----------------------------------(+); Direction: 0; Source: 192.168.204.1; SPort: 53; Dest: 192.168.204.40; DPort: 44966; Protocol: udp; CPTFMT_sep_1: ->; Direction_1: 1; Source_1: 192.168.204.40; SPort_1: 44966; Dest_1: 192.168.204.1; DPort_1: 53; Protocol_1: udp; FW_symval: 2054; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
11:30:56 5 N/A N/A 192.168.204.40 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=MyGW..44jkyv; : -----------------------------------(+); Direction: 1; Source: 192.168.204.40; SPort: 44966; Dest: 192.168.204.1; DPort: 53; Protocol: udp; CPTFMT_sep: ;; Type: 131073; Rule: 0; Timeout: 335; Handler: 0; Ifncin: -1; Ifncout: -1; Ifnsin: 1; Ifnsout: 1; Bits: 0000780000000000; Expires: 23/40; LastUpdateTime: 10Sep2018 11:30:56; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;
[Expert@MyGW:0]#