操作步骤

• 执行命令display firewall zone [ zone-name ] [ interface | priority ]，查看全部或指定安全区域的配置信息。
• 执行命令display firewall interzone [ zone-name1 zone-name2 ]，查看安全域间的信息。
• 执行命令display firewall blacklist configuration，查看防火墙黑名单功能是否使能。
• 执行命令display firewall blacklist { all | ip-address [ vpn-instance vpn-instance-name ] | dynamic | static | vpn-instance vpn-instance-name }，查看防火墙黑名单表项的内容。
• 执行命令display firewall whitelist { all | ip-address [ vpn-instance vpn-instance-name ] | vpn-instance vpn-instance-name }，查看防火墙白名单表项的信息。
• 执行命令display firewall statistics system [ normal all | defend ]，查看防火墙的系统流量统计信息。
• 执行命令display firewall statistics zone zone-name { inzone | outzone } all，查看安全区域的流量统计和监控信息。
• 执行命令display firewall statistics zone-ip zone-name，查看指定域下域的流量监控使能情况与各种协议配置的监控阈值。
• 执行命令display firewall-nat session aging-time，查看防火墙设备上会话表项的超时时间。
• 执行命令display port-mapping [ dns | ftp | http | rtsp | sip | port port-number | pptp ]，查看指定的应用层协议和端口的映射关系。
• 执行命令display firewall defend { flag | { icmp-flood | syn-flood | udp-flood } [ ip [ ip-address [ vpn-instance vpn-instance-name ] ] | zone [ zone-name ] ] | other-attack-type }，查看各种攻击防范功能的使能状态和配置信息。
• 执行命令display firewall log configuration，查看防火墙日志的全局配置信息。
• 执行命令display firewall session { all [ verbose ] | number }或display firewall session protocol { protocol-number | protocol-name } [ source source-address [ source-port ] ] [ destination destination-address [ destination-port ] ] [ verbose ]或display firewall session destination destination-address [ destination-port ] [ verbose ]或display firewall session source source-address [ source-port ] [ destination destination-address [ destination-port ] ] [ verbose ]，查看Firewall的流表信息。
• 执行命令display firewall ipv6 session { all [ verbose ] | number }或display firewall ipv6 session protocol { protocol-number | protocol-name } [ source source-address [ source-port ] ] [ destination destination-address [ destination-port ] ] [ verbose ]或display firewall ipv6 session destination destination-address [ destination-port ] [ verbose ]或display firewall ipv6 session source source-address [ source-port ] [ destination destination-address [ destination-port ] ] [ verbose ]，查看IPv6的Firewall的流表信息。
• 执行命令display firewall app { servermap | session } table statistics，查看防火墙应用层表项的统计信息。
• 执行命令display firewall app session table [ application-protocol { dns | ftp | http | pptp | rtsp | sip } ] [ source-ip ip-address [ port-number ] ] [ destination-ip ip-address [ port-number ] ]，查看应用层流表信息。
• 执行命令display session { all [ verbose ] | number }或display session destination destination-address [ destination-port ] [ verbose ]或display session source source-address [ source-port ] [ destination destination-address [ destination-port ] ] [ verbose ]或display session protocol { protocol-number | protocol-name } [ source source-address [ source-port ] ] [ destination destination-address [ destination-port ] ] [ verbose ]，查看流表信息。