
Tuesday, November 17, 2009

Commands to determine the number of TCP users that are hitting the firewall.


The show xlate detail command displays the following information:
{ICMP|TCP|UDP} PAT from interface:real-address/real-port to interface [acl-name]:mapped-address/mapped-port flags translation-flags
NAT from interface:real-address/real-port to interface [acl-name]:mapped-address/mapped-port flags translation-flags

The show conn command displays all active connections:
show conn [count] | [detail] | [protocol tcp | udp | protocol] [{foreign | local} ip [-ip2]] [netmask mask]] [{lport | fport} port1 [-port2]]
show conn state [up] [,conn_inbound][,ctiqbe][,data_in][,data_out][,dump][,finin] [,finout][,h225][,h323][,http_get][,mgcp][,nojava][,rpc][,sip][,skinny][,smtp_data][,smtp_banner] [,sqlnet_fixup_data][,smtp_incomplete]
This will give all TCP connections through the firewall, but it won't give a count. You can always paste the output into Excel to get a count.

sh local-host | i TCP flow count
This shows the distinct TCP connections each host has. Adding them up gives the aggregate.
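The adding-up step can be scripted instead of done in a spreadsheet. The following is an added example, not part of the original post: it parses saved `show local-host` output and returns the number of hosts with at least one TCP flow and the aggregate TCP flow count. The `local host: <ip>,` and `TCP flow count/limit = n/limit` line layout is an assumption about the output format, and the sample addresses and function names are constructed for illustration.

```python
import re

# Constructed sample of saved "show local-host" output (addresses are made up;
# the line layout is an assumption about the firewall's output format).
SAMPLE = """\
Interface inside: 3 active, 5 maximum active, 0 denied
local host: <10.1.1.15>,
    TCP flow count/limit = 4/unlimited
    TCP embryonic count to host = 0
    TCP intercept watermark = unlimited
    UDP flow count/limit = 1/unlimited
local host: <10.1.1.22>,
    TCP flow count/limit = 0/unlimited
    TCP embryonic count to host = 0
    TCP intercept watermark = unlimited
    UDP flow count/limit = 2/unlimited
local host: <10.1.1.40>,
    TCP flow count/limit = 11/200
    TCP embryonic count to host = 1
    TCP intercept watermark = unlimited
    UDP flow count/limit = 0/unlimited
"""

HOST_RE = re.compile(r"local host:\s*<([^>]+)>")
TCP_RE = re.compile(r"TCP flow count/limit\s*=\s*(\d+)/")


def tcp_flows_per_host(text):
    """Return {host: TCP flow count} from full 'show local-host' output."""
    flows, host = {}, None
    for line in text.splitlines():
        m = HOST_RE.search(line)
        if m:
            host = m.group(1)  # remember which host the next counters belong to
            continue
        m = TCP_RE.search(line)
        if m and host is not None:
            # A host may be listed under more than one interface; sum its flows.
            flows[host] = flows.get(host, 0) + int(m.group(1))
    return flows


def summarize(text):
    """Return (hosts with at least one TCP flow, aggregate TCP flow count)."""
    flows = tcp_flows_per_host(text)
    active = sum(1 for n in flows.values() if n > 0)
    return active, sum(flows.values())


if __name__ == "__main__":
    hosts, total = summarize(SAMPLE)
    print(f"{hosts} hosts with TCP flows, {total} TCP flows in total")
```

Feed it the unfiltered `sh local-host` output rather than the `| i TCP flow count` output, since the filter drops the lines that identify each host.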


Citation - This blog post does not reflect original content from the author. Rather, it summarizes content relevant to the topic from different sources on the web. The sources might include online discussion boards, forums, websites and others.
