Palo Alto Firewall not only allows you to monitor activity on your network, but also is a useful troubleshooting tool. This video shows you how to monitor and troubleshoot related to Port Traffic Filter.
Example 1: To shows all traffic traveling from source port 3389, use this command: (port.src eq 3389)
From the results, we can see type, source IP address, Destination IP address, port, applications, action and Rule.
Example 2: To shows all traffic traveling to destination port 443, use this command: (port.dst eq 443).
Example 3: to shows all traffic traveling from source port 80 and traveling to destination port 443, use this command: (port.src eq 80) and (port.dst eq 443)
Example 4: To shows all traffic traveling from source ports 1-22, use this command: (port.src leq 22).
Note: the port starts at 0.
Example 5: To shows all traffic traveling from source ports 1024 – 65535, use this command: (port.src leq 22).
Example 6: To All Ports Greater Than Or Equal To Port 1024, use this command: (port.dst geq 1024).
Example 7: To shows all traffic traveling from source port range 20-53, use this command: (port.src leq 22).
Example 8: To hows all traffic traveling to destination ports 1024 – 13002, use this command: (port.dst geq 1024) and (port.dst leq 13002).
Please view this step by step video:
