Versions Compared

Old Version 1

changes.mady.by.user Jean-luc KRIKER

Saved on

compared with

New Version Current

changes.mady.by.user Jean-luc KRIKER

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-policy-configuration.html#id-understanding-security-policies-for-self-traffic

Self-traffic or host traffic, is the host-inbound traffic; that is, the traffic terminating on the device or the host-outbound traffic that is the traffic originating from the device.


FYI:

Security policies are configured on the devices to apply services to the traffic flowing through the device.
For example UAC and UTM policies are configured to apply services to the transient traffic.



self-traffic-policy


Code Block
titlepolicy-id 1 summary
root@srx320-np> show security flow session policy-id 1 summary
Valid sessions: 4
Pending sessions: 0
Invalidated sessions: 0
Sessions in other states: 0
Total sessions: 4




Code Block
titlepolicy-id 1
root@srx320-np> show security flow session policy-id 1
Session ID: 437, Policy name: self-traffic-policy/1, Timeout: 300, Valid
  In: 192.168.0.203/64223 --> 192.168.0.204/80;tcp, Conn Tag: 0x0, If: ge-0/0/7.0, Pkts: 60, Bytes: 17579,
  Out: 192.168.0.204/80 --> 192.168.0.203/64223;tcp, Conn Tag: 0x0, If: .local..0, Pkts: 85, Bytes: 15788,

Session ID: 37689, Policy name: self-traffic-policy/1, Timeout: 1798, Valid
  In: 192.168.0.204/50712 --> 13.56.90.212/2200;tcp, Conn Tag: 0x0, If: .local..0, Pkts: 7490041, Bytes: 980722625,
  Out: 13.56.90.212/2200 --> 192.168.0.204/50712;tcp, Conn Tag: 0x0, If: ge-0/0/7.0, Pkts: 5355845, Bytes: 434410352,

Session ID: 63652, Policy name: self-traffic-policy/1, Timeout: 1800, Valid
  In: 192.168.0.203/63134 --> 192.168.0.204/22;tcp, Conn Tag: 0x0, If: ge-0/0/7.0, Pkts: 1130, Bytes: 78872,
  Out: 192.168.0.204/22 --> 192.168.0.203/63134;tcp, Conn Tag: 0x0, If: .local..0, Pkts: 994, Bytes: 96361,

Session ID: 63655, Policy name: self-traffic-policy/1, Timeout: 98, Valid
  In: 192.168.0.203/63135 --> 192.168.0.204/22;tcp, Conn Tag: 0x0, If: ge-0/0/7.0, Pkts: 16, Bytes: 1988,
  Out: 192.168.0.204/22 --> 192.168.0.203/63135;tcp, Conn Tag: 0x0, If: .local..0, Pkts: 15, Bytes: 4361,
Total sessions: 4