show firewall
This command summarizes the firewall rules that are applied on the system. Start here when you troubleshoot a firewall-related problem.
Example: show firewall
$OS_PROMPT$ show firewall
------------------------------
Rulesets Information: Firewall
------------------------------
--------------------------------------------------------------------------------
Firewall "basic":
Active on (dp0s5, in)
rule action proto packets bytes
---- ------ ----- ------- -----
100 allow tcp 12 967
condition - stateful proto tcp to any port 50
default allow any 132 7128
condition - all
The output states the interface that each rule set is applied to, and the direction of application — in or out. In this example, (dp0s5, in)
.
- The interface
dp0s5
has a firewall rule that applies to ingress packets - By default, the interface will allow all everything, and will create a stateful
session for TCP traffic on port
50
- Both the default rule and rule
100
have traffic hitting them