firewall realtime-statistics enable
Function
The firewall realtime-statistics enable command enables the real-time traffic statistics function.
The undo firewall realtime-statistics enable command disables the real-time traffic statistics function.
Usage Guidelines
By default, this function is enabled.
Collected real-time traffic statistics include top 10 source IP addresses by session number, top 10 source IP addresses by traffic, top 10 applications by session number, and top 10 applications by traffic. Enabling this function affects the firewall performance.
For top N IPv4 statistics, during ranking by traffic, the FW collects statistics on traffic processed by the SPU. Therefore, if hardware fast forwarding is enabled, and the ranking is based on traffic, statistics on traffic fast-forwarded cannot be collected. To collect statistics on all traffic, disable hardware fast forwarding first. IPv6 traffic does not support hardware fast forwarding; therefore, top N IPv6 statistics collection does not have this restriction.
If the ranking is based on sessions, statistics collection is not affected by the hardware fast forwarding function. This is because that sessions are created on the MPU, regardless of whether hardware fast forwarding is enabled.
Example
# Enables the real-time traffic statistics function.
<sysname> system-view [sysname] firewall realtime-statistics enable
# Display the ranking result.
[sysname] diagnose [sysname-diagnose] display firewall online ip session top10 Source IPs of Top 10 session number ------------------------------------------------------------------------------ TOP IP ADDRESS VSYS SESSION NUMBER ------------------------------------------------------------------------------ 1 172.16.100.102 0 7048 2 192.168.0.117 0 6457 3 192.168.1.112 0 3501 4 192.168.0.100 0 2522 5 10.27.146.249 0 1838 6 192.168.200.24 0 1658 7 192.168.18.15 0 1488 8 192.168.0.102 0 1335 9 10.1.1.1 0 1020 10 192.168.1.102 0 876 ----------------------------------------------------------------------------