To list the active sessions on the firewall:
> show session all
------------------------------------------------------------------------------------------------------------------------------
ID/vsys application state type flag src[sport]/zone/proto (translated IP[port])
dst[dport]/zone (translated IP[port]
-------------------------------------------------------------------------------------------------------------------------------
129617/1 skype ACTIVE PRED 0.0.0.0[0]/corp-trust/6 (0.0.0.0[0])
97.87.56.37[28775]/corp-untrust (97.87.56.37[28775])
114143/1 yahoo-voice ACTIVE FLOW 10.16.3.232[49259]/corp-trust/6 (10.16.3.232[49259])
68.142.233.183[443]/corp-untrust (68.142.233.183[443])
6766/1
To clear a session by it's ID number:
> clear session ID 129617
session 129617 cleared
To clear all sessions:
> clear session all
To list the available filters when clearning sessions:
> clear session all filter
+ application Application name
+ destination destination IP address
+ destination-port Destination port
+ destination-user Destination user
+ from From zone
+ nat If session is NAT
+ nat-rule Rule name
+ protocol IP protocol value
+ proxy session is decrypted
+ rule Rule name
+ source source IP address
+ source-port Source port
+ source-user Source user
+ state flow state
+ to To zone
+ type flow type
<Enter> Finish input
To clear sessions for a specific application:
> clear session all filter application skype
Sessions cleared
To clear sessions for a specific source or destination IP:
> clear session all filter source 192.168.51.71
Sessions cleared
> clear session all filter destination 8.8.8.8
Sessions cleared
Note: All commands to clear sessions will work the same on a single firewall or a pair of firewalls in High Availability (HA) configuration.
See also
How to Clear Sessions from the Session Monitor
owner: panagent