SRX Services Gateway
SRX Services Gateway

[Tips] How to check inactivity timeout for a service?

‎11-17-2010 03:31 AM

Question:
How to check inactivity timeout for a service?

 

Answer:
There is no CLI command to check inactivity timeout for a service.
You can check it from vty prompt as follow:

 

{primary:node0}
lab@srx240a.hk> start shell user root  
Password:
root@srx240a% vty fwdd


BSD platform (OCTEON processor, 416MB memory, 8192KB flash)

FLOWD_OCTEON(srx240a.hk vty)# show usp app-def tcp
tcp port=0, appl_name=junos-tcp-any, service type=0, alg id=0, timeout=1800
tcp port=21, appl_name=junos-ftp, service type=1, alg id=1, timeout=1800
tcp port=22, appl_name=junos-ssh, service type=22, alg id=0, timeout=1800
tcp port=23, appl_name=junos-telnet, service type=10, alg id=0, timeout=1800
tcp port=25, appl_name=junos-smtp, service type=7, alg id=0, timeout=1800
tcp port=43, appl_name=junos-whois, service type=46, alg id=0, timeout=1800
tcp port=49, appl_name=junos-tacacs, service type=0, alg id=0, timeout=1800
tcp port=53, appl_name=junos-dns-tcp, service type=16, alg id=16, timeout=1800
tcp port=65, appl_name=junos-tacacs-ds, service type=0, alg id=0, timeout=1800
tcp port=70, appl_name=junos-gopher, service type=39, alg id=0, timeout=1800
tcp port=79, appl_name=junos-finger, service type=17, alg id=0, timeout=1800
tcp port=80, appl_name=junos-http, service type=6, alg id=0, timeout=1800
<snip>

 

The above is to check for TCP services.
You can read the inactivity timeout for all defined services.
E.g. junos-telnet is having inactivity timeout 1800s.

2 REPLIES 2
SRX Services Gateway

Re: [Tips] How to check inactivity timeout for a service?

‎11-17-2010 03:35 AM

Miss to add:

If you need to check service inactivity timeout, you can replace the keyword 'tcp" with "udp" on the vty command.

SRX Services Gateway

Re: [Tips] How to check inactivity timeout for a service?

‎11-17-2010 03:46 AM

In configuration mode you can also check "show groups junos-defaults applications" to see the predefined port numbers for the predefined services.  I think we'll have some enhancements to the usability in the future for the ports and inactivity timeouts to make them visible.

 

In fact, you can use the "show groups junos-defaults" command to view all Junos default configuration values!