I was wondering if there is a way to show the half wing sessions that for any reason are not compleated ad installed in flow session table. Basically I want see the SYN packets sent from internet host to my server behing SRX even if the server didn't reply to the syn.
show system connection is for the conenctions directed to SRX itslef not for the server sitting behind it. Correct? show security flow session protocol tcp shows just the session established not the half-wing. Correct?
Neither of those commands shows session state of transit flows. Show system connections shows sessions terminating on the srx, and security flow session protocol tcp simply filters the session table to tcp-based sessions. Unfortunately I don't know how to display session state of flows. It's possible one of the 'session states' shown by explicitly specifying a session-identifyier corresponds to a half-open session.