conntrack

system conntrack: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Connection tracking engine options

system conntrack app-detect: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Application detection

system conntrack app-detect debug: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Show more verbose log messages

system conntrack app-detect dictionary <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Values:

u32 – Priority of the dictionary, affects in the search order

Instances:

Unique

system conntrack app-detect dictionary <u32> custom: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Custom application dictionary

system conntrack app-detect dictionary <u32> custom app-id <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Values:

u32 – Custom application id

Instances:

Multiple

system conntrack app-detect dictionary <u32> custom app-id <u32> fqdn <txt>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Values:

txt – FQDN or hostname pattern of custom application id

Instances:

Multiple

system conntrack app-detect dictionary <u32> custom app-id <u32> name <txt>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Values:

txt – Name of custom application id

system conntrack app-detect dictionary <u32> filename <file>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Values:

file – Name of application dictionary file

system conntrack app-detect dns: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
DNS detection

system conntrack app-detect dns-host: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
DNS query hostname detection

system conntrack app-detect dns-host max-cnames <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Size of DNS CNAME cache

Values:

u32 – Number of entries allowed in DNS CNAME cache (1-10000)

system conntrack app-detect enable_dict_match_priv_ip: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Allow matches of private ip addresses on no custom dictionaries

system conntrack app-detect http: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
HTTP detection

system conntrack app-detect http-host: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
HTTP Host header detection

system conntrack app-detect http-referer: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
HTTP Referer header detection

system conntrack app-detect http-url: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
HTTP request URL detection

system conntrack app-detect http-user-agent: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
HTTP User-Agent header detection

system conntrack app-detect ip-cache: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Ip-cache configuration

system conntrack app-detect ip-cache blacklist: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Allow to exclude an IP from the ip-cache when App-Id is flapping

system conntrack app-detect refresh-flow-appid: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
refresh flow appid when fqdn’s appid is different than ip-cache’s one

system conntrack app-detect ssl: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
SSL/TLS detection

system conntrack app-detect ssl-host: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
SSL/TLS certificate host detection

system conntrack debug: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Show verbose conntrack log messages

system conntrack disable: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Disable connection tracking

system conntrack expect-table-size <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Size of connection tracking expect table

Values:

u32 – Number of entries allowed in connection tracking expect table (1-50000000)

system conntrack hash-size <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Hash size for connection tracking table

Values:

u32 – Size of hash to use for connection tracking table (1-50000000)

system conntrack logging: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Log conntrack events

system conntrack logging events <txt>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Specify events to capture

Values:

new – NEW events
update – UPDATE events
destroy – DESTROY events
all – all the previously events

Instances:

Multiple

system conntrack logging log-level <txt>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Specify log level to use (The events will be displayed with the specified level format)

Values:

err – Error messages
warning – Warning messages
notice – Messages for further investigation
info – Informational messages
debug – Debug messages

system conntrack modules: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Connection tracking modules settings

system conntrack modules ftp: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
FTP connection tracking settings

system conntrack modules ftp disable: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Disable FTP connection tracking

system conntrack modules h323: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
H.323 connection tracking settings

system conntrack modules h323 disable: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Disable H.323 connection tracking

system conntrack modules pptp: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
PPTP connection tracking settings

system conntrack modules pptp disable: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Disable PPTP connection tracking

system conntrack modules sip: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
SIP connection tracking settings

system conntrack modules sip disable: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Disable SIP connection tracking

system conntrack modules sip enable-indirect-media: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Option to support for indirect media streams

system conntrack modules sip enable-indirect-signalling: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Option to support for indirect signalling streams

system conntrack modules sip port <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Port number that SIP traffic is carried on

Values:

u32 – SIP port number (1-65535)

Instances:

Multiple

system conntrack modules tftp: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
TFTP connection tracking settings

system conntrack modules tftp disable: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Disable TFTP connection tracking

system conntrack replace-clash: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Enable replace-clash feature

system conntrack table-size <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Size of connection tracking table

Values:

u32 – Number of entries allowed in connection tracking table (1-50000000)

system conntrack tcp: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
TCP options

system conntrack tcp half-open-connections <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Maximum number of TCP half-open connections

Values:

u32 – Number of connections (1-2147483647)

system conntrack tcp max-retrans <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP maximum retransmit attempts

Values:

u32 – Generic connection timeout in seconds (1-2147483647)

system conntrack tcp no-loose: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Do not track previously established connections

system conntrack timeout: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
Connection timeout options

system conntrack timeout icmp <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

ICMP timeout in seconds

Values:

u32 – ICMP timeout in seconds (1-21474836)

system conntrack timeout other <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

Generic connection timeout in seconds

Values:

u32 – Generic connection timeout in seconds (1-21474836)

system conntrack timeout tcp: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
TCP connection timeout options

system conntrack timeout tcp close <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP CLOSE timeout in seconds

Values:

u32 – TCP CLOSE timeout in seconds (1-21474836)

system conntrack timeout tcp close-wait <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP CLOSE-WAIT timeout in seconds

Values:

u32 – TCP CLOSE-WAIT timeout in seconds (1-21474836)

system conntrack timeout tcp established <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP ESTABLISHED timeout in seconds

Values:

u32 – TCP ESTABLISHED timeout in seconds (1-21474836)

system conntrack timeout tcp fin-wait <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP FIN-WAIT timeout in seconds

Values:

u32 – TCP FIN-WAIT timeout in seconds (1-21474836)

system conntrack timeout tcp last-ack <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP LAST-ACK timeout in seconds

Values:

u32 – TCP LAST-ACK timeout in seconds (1-21474836)

system conntrack timeout tcp syn-recv <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP SYN-RECEIVED timeout in seconds

Values:

u32 – TCP SYN-RECEIVED timeout in seconds (1-21474836)

system conntrack timeout tcp syn-sent <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP SYN-SENT timeout in seconds

Values:

u32 – TCP SYN-SENT timeout in seconds (1-21474836)

system conntrack timeout tcp time-wait <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

TCP TIME-WAIT timeout in seconds

Values:

u32 – TCP TIME-WAIT timeout in seconds (1-21474836)

system conntrack timeout udp: AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE
UDP timeout

system conntrack timeout udp other <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

UDP generic timeout in seconds

Values:

u32 – UDP generic timeout in seconds (1-21474836)

system conntrack timeout udp stream <u32>

AresC640 Atlas840 M10-Smart M2 RS420 RXL15000 SDE

UDP stream timeout in seconds

Values:

u32 – UDP stream timeout in seconds (1-21474836)