diagnose firewall
Firewall
This topic includes the following commands:
- diagnose firewall auth
- diagnose firewall auth clear
- diagnose firewall auth filter
- diagnose firewall auth filter clear
- diagnose firewall auth filter group
- diagnose firewall auth filter mac
- diagnose firewall auth filter method
- diagnose firewall auth filter policy
- diagnose firewall auth filter source
- diagnose firewall auth filter source6
- diagnose firewall auth filter user
- diagnose firewall auth ipv6
- diagnose firewall auth ipv6 clear
- diagnose firewall auth ipv6 list
- diagnose firewall auth list
- diagnose firewall auth mac
- diagnose firewall auth mac clear
- diagnose firewall auth mac list
- diagnose firewall dynamic
- diagnose firewall dynamic address
- diagnose firewall dynamic list
- diagnose firewall dynamic6
- diagnose firewall dynamic6 address
- diagnose firewall dynamic6 list
- diagnose firewall fqdn
- diagnose firewall fqdn get-ip
- diagnose firewall fqdn get-mac
- diagnose firewall fqdn getinfo-ip
- diagnose firewall fqdn getinfo-mac
- diagnose firewall fqdn list-all
- diagnose firewall fqdn list-ip
- diagnose firewall fqdn list-mac
- diagnose firewall fqdn6
- diagnose firewall fqdn6 get
- diagnose firewall fqdn6 list
- diagnose firewall internet-service
- diagnose firewall internet-service list
- diagnose firewall internet-service-app-ctrl
- diagnose firewall internet-service-cache
- diagnose firewall internet-service-cache list
- diagnose firewall internet-service-custom
- diagnose firewall internet-service-custom list
- diagnose firewall internet-service-disable
- diagnose firewall internet-service-disable list
- diagnose firewall internet-service-extension
- diagnose firewall internet-service-extension list
- diagnose firewall internet-service-prio-id
- diagnose firewall internet-service-prio-id list
- diagnose firewall internet-service6
- diagnose firewall internet-service6 list
- diagnose firewall internet-service6-cache
- diagnose firewall internet-service6-cache list
- diagnose firewall internet-service6-custom
- diagnose firewall internet-service6-custom list
- diagnose firewall internet-service6-disable
- diagnose firewall internet-service6-disable list
- diagnose firewall internet-service6-extension
- diagnose firewall internet-service6-extension list
- diagnose firewall internet-service6-prio-id
- diagnose firewall internet-service6-prio-id list
- diagnose firewall ipgeo
- diagnose firewall ipgeo copyright-notice
- diagnose firewall ipgeo country-list
- diagnose firewall ipgeo ip-list
- diagnose firewall ipgeo ip2country
- diagnose firewall ipgeo override
- diagnose firewall network-service-dynamic
- diagnose firewall network-service-dynamic list
- diagnose firewall nslookup
- diagnose firewall shaper
- diagnose firewall shaper per-ip-shaper
- diagnose firewall shaper per-ip-shaper clear
- diagnose firewall shaper per-ip-shaper list
- diagnose firewall shaper per-ip-shaper state
- diagnose firewall shaper per-ip-shaper stats
- diagnose firewall shaper traffic-shaper
- diagnose firewall shaper traffic-shaper list
- diagnose firewall shaper traffic-shaper stats
- diagnose firewall shaper traffic-shaper stats clear
- diagnose firewall shaper traffic-shaper stats list
- diagnose firewall snat-ippool
- diagnose firewall snat-ippool list
- diagnose firewall snat-ippool list6
diagnose firewall auth
Authenticated users.
diagnose firewall auth
diagnose firewall auth clear
Clear authenticated IPv4 users.
diagnose firewall auth clear
diagnose firewall auth filter
Filters used to list entries.
diagnose firewall auth filter
diagnose firewall auth filter clear
Clear all filters.
diagnose firewall auth filter clear
diagnose firewall auth filter group
Group name.
diagnose firewall auth filter group <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Group name. |
string |
|
diagnose firewall auth filter mac
MAC address.
diagnose firewall auth filter mac <xx:xx:xx:xx:xx:xx>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<xx:xx:xx:xx:xx:xx> |
MAC address. |
string |
|
diagnose firewall auth filter method
method
diagnose firewall auth filter method <method>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<method> |
Valid method name: fsso, rsso, ntlm, fw, wsso, disclaimer, fsso_citrix, sso_guest. |
string |
|
diagnose firewall auth filter policy
Policy ID.
diagnose firewall auth filter policy <xxx>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<xxx> |
Policy ID. |
string |
|
diagnose firewall auth filter source
IPv4 source address.
diagnose firewall auth filter source <xxx.xxx.xxx.xxx>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<xxx.xxx.xxx.xxx> |
IPv4 source (range from). |
string |
|
diagnose firewall auth filter source6
IPv6 source address.
diagnose firewall auth filter source6 <xxxx::xxxx>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<xxxx::xxxx> |
IPv6 source (range from). |
string |
|
diagnose firewall auth filter user
User name.
diagnose firewall auth filter user <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
User name. |
string |
|
diagnose firewall auth ipv6
Authenticated IPv6 users.
diagnose firewall auth ipv6
diagnose firewall auth ipv6 clear
Clear authenticated IPv6 users.
diagnose firewall auth ipv6 clear
diagnose firewall auth ipv6 list
List authenticated IPv6 users.
diagnose firewall auth ipv6 list
diagnose firewall auth list
List authenticated IPv4 users.
diagnose firewall auth list
diagnose firewall auth mac
Authenticated MAC users.
diagnose firewall auth mac
diagnose firewall auth mac clear
Clear authenticated MAC users.
diagnose firewall auth mac clear
diagnose firewall auth mac list
List authenticated MAC users.
diagnose firewall auth mac list
diagnose firewall dynamic
Show dynamic addresses.
diagnose firewall dynamic
diagnose firewall dynamic address
Get summary of one or all dynamic addresses.
diagnose firewall dynamic address <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Dynamic address name. (Optional) |
string |
|
diagnose firewall dynamic list
Get list of one or all dynamic addresses.
diagnose firewall dynamic list <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Dynamic address name. (Optional) |
string |
|
diagnose firewall dynamic6
Show IPv6 dynamic addresses.
diagnose firewall dynamic6
diagnose firewall dynamic6 address
Get summary of IPv6 dynamic addresses.
diagnose firewall dynamic6 address <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Dynamic address name. |
string |
|
diagnose firewall dynamic6 list
List all IPv6 dynamic addresses.
diagnose firewall dynamic6 list <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Dynamic address name. |
string |
|
diagnose firewall fqdn
fqdn
diagnose firewall fqdn
diagnose firewall fqdn get-ip
Get and display one IP FQDN address.
diagnose firewall fqdn get-ip <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Address Name |
string |
|
diagnose firewall fqdn get-mac
Get and display one MAC FQDN address.
diagnose firewall fqdn get-mac <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Address Name |
string |
|
diagnose firewall fqdn getinfo-ip
Get info of IP FQDN address
diagnose firewall fqdn getinfo-ip <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
name |
string |
|
diagnose firewall fqdn getinfo-mac
Get info of MAC FQDN address
diagnose firewall fqdn getinfo-mac <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
name |
string |
|
diagnose firewall fqdn list-all
List FQDN.
diagnose firewall fqdn list-all
diagnose firewall fqdn list-ip
List IP FQDN.
diagnose firewall fqdn list-ip
diagnose firewall fqdn list-mac
List MAC FQDN.
diagnose firewall fqdn list-mac
diagnose firewall fqdn6
IPv6 FQDN.
diagnose firewall fqdn6
diagnose firewall fqdn6 get
Get and display one IPv6 FQDN address.
diagnose firewall fqdn6 get <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Address Name |
string |
|
diagnose firewall fqdn6 list
List all IPv6 FQDN.
diagnose firewall fqdn6 list
diagnose firewall internet-service
Internet service in the kernel.
diagnose firewall internet-service
diagnose firewall internet-service list
List Internet Service.
diagnose firewall internet-service list <section>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<section> |
Internet Service table section.(0: entry, 1: index, <integer>: singularity) |
string |
|
diagnose firewall internet-service-app-ctrl
Application control internet service in the kernel.
diagnose firewall internet-service-app-ctrl
diagnose firewall internet-service-cache
Internet Service database cache entries in the kernel.
diagnose firewall internet-service-cache
diagnose firewall internet-service-cache list
List Internet Service databse cache entries in the kernel.
diagnose firewall internet-service-cache list
diagnose firewall internet-service-custom
Custom Internet Service in the kernel.
diagnose firewall internet-service-custom
diagnose firewall internet-service-custom list
List Custom Internet Service.
diagnose firewall internet-service-custom list <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Custom Internet Service name. |
string |
|
diagnose firewall internet-service-disable
Internet Service disable entries in the kernel.
diagnose firewall internet-service-disable
diagnose firewall internet-service-disable list
List Internet Service disable entries.
diagnose firewall internet-service-disable list <ID>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ID> |
Internet Service ID. |
string |
|
diagnose firewall internet-service-extension
Internet Service extension in the kernel.
diagnose firewall internet-service-extension
diagnose firewall internet-service-extension list
List Internet Service extension.
diagnose firewall internet-service-extension list <ID>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ID> |
Internet Service ID. |
string |
|
diagnose firewall internet-service-prio-id
Internet service ID in firewall polcy, shaping policy, SD-WAN rule, static route, and router policy.
diagnose firewall internet-service-prio-id
diagnose firewall internet-service-prio-id list
List Internet Service Priority ID.
diagnose firewall internet-service-prio-id list
diagnose firewall internet-service6
Internet service6 in the kernel.
diagnose firewall internet-service6
diagnose firewall internet-service6 list
List Internet Service6.
diagnose firewall internet-service6 list <section>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<section> |
Internet Service6 table section.(0: entry, 1: index, <integer>: singularity) |
string |
|
diagnose firewall internet-service6-cache
Internet Service database cache entries for IPv6 in the kernel.
diagnose firewall internet-service6-cache
diagnose firewall internet-service6-cache list
List Internet Service database cache entries for IPv6 in the kernel.
diagnose firewall internet-service6-cache list
diagnose firewall internet-service6-custom
Custom Internet Service6 in the kernel.
diagnose firewall internet-service6-custom
diagnose firewall internet-service6-custom list
List Custom Internet Service.
diagnose firewall internet-service6-custom list <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Custom Internet Service name. |
string |
|
diagnose firewall internet-service6-disable
Internet Service6 disable entries in the kernel.
diagnose firewall internet-service6-disable
diagnose firewall internet-service6-disable list
List Internet Service6 disable entries.
diagnose firewall internet-service6-disable list <ID>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ID> |
Internet Service6 ID. |
string |
|
diagnose firewall internet-service6-extension
Internet Service6 extension in the kernel.
diagnose firewall internet-service6-extension
diagnose firewall internet-service6-extension list
List Internet Service6 extension.
diagnose firewall internet-service6-extension list <ID>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ID> |
Internet Service6 ID. |
string |
|
diagnose firewall internet-service6-prio-id
Internet service ID in firewall polcy, SD-WAN rule, and router policy.
diagnose firewall internet-service6-prio-id
diagnose firewall internet-service6-prio-id list
List Internet Service6 Priority ID.
diagnose firewall internet-service6-prio-id list
diagnose firewall ipgeo
IP geolocation.
diagnose firewall ipgeo
diagnose firewall ipgeo copyright-notice
Copyright note.
diagnose firewall ipgeo copyright-notice
diagnose firewall ipgeo country-list
List all countries.
diagnose firewall ipgeo country-list
diagnose firewall ipgeo ip-list
List IP info of country.
diagnose firewall ipgeo ip-list <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Country ID. |
string |
|
diagnose firewall ipgeo ip2country
Get country info for the IP.
diagnose firewall ipgeo ip2country <ip>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ip> |
IPv4/IPv6 address. |
string |
|
diagnose firewall ipgeo override
Print out all user defined IP geolocation data.
diagnose firewall ipgeo override
diagnose firewall network-service-dynamic
Dynamic Network Service in the kernel.
diagnose firewall network-service-dynamic
diagnose firewall network-service-dynamic list
List Dynamic Network Service.
diagnose firewall network-service-dynamic list <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Dynamic Network Service name. |
string |
|
diagnose firewall nslookup
Name server lookup.
diagnose firewall nslookup <FQDN> <DNS-server>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<FQDN> |
FQDN. |
string |
|
|
<DNS-server> |
DNS-server. |
string |
|
diagnose firewall shaper
shapers
diagnose firewall shaper
diagnose firewall shaper per-ip-shaper
Traffic shapers.
diagnose firewall shaper per-ip-shaper
diagnose firewall shaper per-ip-shaper clear
Per-IP clear statistic data.
diagnose firewall shaper per-ip-shaper clear
diagnose firewall shaper per-ip-shaper list
List per-IP shapers.
diagnose firewall shaper per-ip-shaper list
diagnose firewall shaper per-ip-shaper state
Per-IP shapers state.
diagnose firewall shaper per-ip-shaper state
diagnose firewall shaper per-ip-shaper stats
Per-IP shapers statistic.
diagnose firewall shaper per-ip-shaper stats
diagnose firewall shaper traffic-shaper
Traffic shapers.
diagnose firewall shaper traffic-shaper
diagnose firewall shaper traffic-shaper list
List traffic shapers.
diagnose firewall shaper traffic-shaper list
diagnose firewall shaper traffic-shaper stats
Traffic shaper statistics.
diagnose firewall shaper traffic-shaper stats
diagnose firewall shaper traffic-shaper stats clear
Clear traffic shaper statistics.
diagnose firewall shaper traffic-shaper stats clear <name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<name> |
Name of traffic shaper to clear. |
string |
|
diagnose firewall shaper traffic-shaper stats list
List traffic shaper statistics.
diagnose firewall shaper traffic-shaper stats list
diagnose firewall snat-ippool
All IP pool.
diagnose firewall snat-ippool
diagnose firewall snat-ippool list
List IPv4.
diagnose firewall snat-ippool list
diagnose firewall snat-ippool list6
List IPv6.
diagnose firewall snat-ippool list6