Manual Chapter : Managing Firewall Packet Traces
Applies To:Show Versions
BIG-IQ Centralized Management
About firewall packet traces
You can create and view packet traces to visually review your firewall settings. You can click the graphics in the trace report to see detailed results of the packet trace for each firewall component.
Create firewall packet traces
You create packet traces to trace and review your network security firewall settings.
- Click .
The Packet Parameters screen opens.
- In the Name setting, type a name for the packet trace.
In the Devices setting, select one or more BIG-IP
devices and source VLANs to use.
Click + to add additional devices. Click X to remove the device in the row.
- In the Protocol setting, select the protocol for the packet you want to trace. The other configuration settings change based on the protocol you select.
- In the TCP Flags setting, select one or more flags to set in the packet trace. This setting is used only when the TCP protocol is selected.
- In the Source IP Address setting, type the IP address to identify as the packet source.
- In the Source Port setting, type the port to identify as the packet source. This does not apply to ICMP packets.
- In the TTL setting, type the TTL (Time to Live) for the traced packet, in seconds.
- In the Destination IP Address setting, type the IP address to which you want to send the packet for the packet trace.
- In the Destination Port setting, type the port to which you want to send the packet for the packet trace. This does not apply to ICMP packets.
- In the Use Staged Policy setting, select whether to use a staged policy, if one exists, for the packet.
- In the Trigger Log setting, select whether to write a log message based on the packet from the packet trace.
Click Run Trace.
The packet is traced and the results are displayed on the screen.
In the Trace Results area, review the trace diagram created by running the
- Review the colors of the graphics for each network security
- Green graphics indicate rules that were evaluated and allowed the traffic to pass, including whitelist matches and Allow firewall, DoS, and IP intelligence matches.
- Red graphics indicate packets that were evaluated and dropped, or that matched firewall or IP intelligence rules.
- Gray graphics indicate packets that did not match a rule of the type indicated.
- Click each graphic to see detailed results of the packet trace for that component.
- Review the colors of the graphics for each network security component.