Juniper - eekbot/public GitHub Wiki

Viewing Default Junos Applications

show configuration groups junos-defaults applications

Packet Captures

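The following commands set up a flow trace that works like a packet capture, to help you view real-time traffic. They write basic-datapath trace output to the log file jtac (2M size limit), restricted by packet filter p1 to a single source and destination prefix. The trace stays active until the traceoptions configuration is removed and committed.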

{primary:node1}[edit]
efk273@firewall# set security flow traceoptions file jtac size 2M
{primary:node1}[edit]
efk273@firewall# set security flow traceoptions flag basic-datapath
{primary:node1}[edit]
efk273@firewall# set security flow traceoptions packet-filter p1 destination-prefix 1.2.252.92/32 source-prefix 3.4.17.254/32
{primary:node1}[edit]
efk273@firewall# commit
{primary:node1}[edit]
efk273@firewall# run show log jtac | match p1

The following command can be used to view real-time TCP traffic getting through the firewall. You can't see UDP traffic or blocked traffic this way, but this method may be preferred if you want to prove that a firewall rule exists for the desired traffic without having to run a commit.

{primary:node1}
user@firewall> show security flow session source-prefix 1.2.3.4 destination-prefix 4.3.2.1

The following command will display the traffic that passes through the interface specified:

{primary:node1}[edit]
user@firewall# run monitor traffic interface reth2
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on reth2, capture size 96 bytes

Reverse lookup for 1.2.3.4 failed (check DNS reachability).
Other reverse lookup failures will not be reported.
Use <no-resolve> to avoid reverse lookups on IP addresses.

15:48:40.832005 Out IP truncated-ip - 120 bytes missing! firewall.fis.edu.ssh > 1.2.26.15.37664: P 1724361032:1724361160(128) ack 3619542892 win 33304 <nop,nop,timestamp 1394626239 3753503593>
15:48:40.832149 Out IP truncated-ip - 200 bytes missing! firewall.fis.edu.ssh > 1.2.26.15.37664: P 128:336(208) ack 1 win 33304 <nop,nop,timestamp 1394626239 3753503593>

[output cut]
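
The output above shows which endpoints are talking, but with a 96-byte capture size each packet is cut short, as the truncated-ip notes show. As an added example (not part of the original wiki), this Python script parses saved monitor traffic lines in that layout and totals packets, TCP payload bytes and uncaptured bytes per flow; the function names and the last In line of the sample are made up for illustration.

```python
import re
from collections import defaultdict

# Added example (helper names are illustrative): one packet line of `monitor traffic` output.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<dir>In|Out)\s+IP\s+"
    r"(?:truncated-ip - (?P<missing>\d+) bytes missing!\s+)?"
    r"(?P<src>\S+)\s+>\s+(?P<dst>\S+):\s+(?P<flags>[SFPRUWE.]+)"
    r"(?:\s+\d+:\d+\((?P<len>\d+)\))?"
)

def split_endpoint(endpoint):
    # Split 'host.port' on the last dot; the port may be a number or a service name.
    host, _, port = endpoint.rpartition(".")
    return host, port

def parse_line(line):
    """Return a dict for a TCP packet line, or None for banners and other text."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "direction": m["dir"],
        "src": split_endpoint(m["src"]),
        "dst": split_endpoint(m["dst"]),
        "flags": m["flags"],
        "payload": int(m["len"] or 0),      # TCP payload length from seq range "(N)"
        "missing": int(m["missing"] or 0),  # bytes the capture reported as missing
    }

def summarize(lines):
    """Aggregate packets, payload bytes and uncaptured bytes per (src, dst) pair."""
    flows = defaultdict(lambda: {"packets": 0, "payload": 0, "missing": 0})
    for pkt in filter(None, map(parse_line, lines)):
        flow = flows[(pkt["src"], pkt["dst"])]
        flow["packets"] += 1
        flow["payload"] += pkt["payload"]
        flow["missing"] += pkt["missing"]
    return dict(flows)

# Banner and the two Out lines are from the output above; the In line is constructed.
SAMPLE = """Listening on reth2, capture size 96 bytes
15:48:40.832005 Out IP truncated-ip - 120 bytes missing! firewall.fis.edu.ssh > 1.2.26.15.37664: P 1724361032:1724361160(128) ack 3619542892 win 33304 <nop,nop,timestamp 1394626239 3753503593>
15:48:40.832149 Out IP truncated-ip - 200 bytes missing! firewall.fis.edu.ssh > 1.2.26.15.37664: P 128:336(208) ack 1 win 33304 <nop,nop,timestamp 1394626239 3753503593>
15:48:40.832300 In IP 1.2.26.15.37664 > firewall.fis.edu.ssh: . ack 336 win 33304
""".splitlines()

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A non-zero missing total for a flow means the capture is only good for confirming that the flow exists, not for inspecting what it carried.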

Clearing Disk Space

request system storage cleanup dry-run

Gathering Support Files For JTAC

request support information | save /var/tmp/RSI-10-25-21.tgz

file archive compress source /var/log/* destination /var/tmp/Log-10-25-21-node0.tgz