show firewall
This command summarizes the firewall rules that are applied on the system. Start here when you troubleshoot a firewall-related problem.
Example: show firewall
$OS_PROMPT$ show firewall
------------------------------
Rulesets Information: Firewall
------------------------------
--------------------------------------------------------------------------------
Firewall "basic":
Active on (dp0s5, in)
rule action proto packets bytes
---- ------ ----- ------- -----
100 allow tcp 12 967
condition - stateful proto tcp to any port 50
default allow any 132 7128
condition - allThe output states the interface that each rule set is applied to, and the direction of application — in or out. In this example, (dp0s5, in).
- The interface
dp0s5has a firewall rule that applies to ingress packets - By default, the interface will allow all everything, and will create a stateful
session for TCP traffic on port
50 - Both the default rule and rule
100have traffic hitting them
Note: For more about this command see Ciena Vyatta Network OS Firewall Configuration Guide.