FGT61E4Q16004006 (root) # diagnose sys session filter dst 172.31.11.239 ! Først lage et filter for alle pakker mot 172.31.11.239.
FGT61E4Q16004006 (root) # diagnose sys session list 			! Så lister opp alle sesjonene som matcher filteret.
 
session info: proto=1 proto_state=00 duration=5 expire=59 timeout=0 flags=00000000 sockflag=00000000 sockport=0 av_idx=0 use=5
origin-shaper=
reply-shaper=
per_ip_shaper=
ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=log may_dirty ndr f00 app_valid 
statistic(bytes/packets/allow_err): org=420/5/1 reply=0/0/0 tuples=3
tx speed(Bps/kbps): 83/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->post, reply pre->post dev=22->5/5->22 gwy=89.191.9.5/0.0.0.0  <-- Her ser vi at sesjonen bruker gatewayen mot internett.
hook=post dir=org act=snat 192.168.1.69:44210->172.31.11.239:8(89.191.9.6:62464)
hook=pre dir=reply act=dnat 172.31.11.239:62464->89.191.9.6:0(192.168.1.69:44210)
hook=post dir=reply act=noop 172.31.11.239:44210->192.168.1.69:0(0.0.0.0:0)
src_mac=ac:bc:32:c0:43:23
misc=0 policy_id=1 auth_info=0 chk_client_info=0 vd=0
serial=002a826a tos=ff/ff app_list=2001 app=24466 url_cat=0
dd_type=0 dd_mode=0
npu_state=0x041008
no_ofld_reason:  redir-to-ips non-npu-intf

total session 1
 
FGT61E4Q16004006 (root) # diagnose sys session clear 			! Her clearer vi alle sesjoner som matcher filteret vi satt over (172.31.11.239).

FGT61E4Q16004006 (root) # diagnose sys session list
 
session info: proto=1 proto_state=00 duration=0 expire=59 timeout=0 flags=00000000 sockflag=00000000 sockport=0 av_idx=0 use=4
origin-shaper=
reply-shaper=
per_ip_shaper=
ha_id=0 policy_dir=0 tunnel=AWS-staging/ vlan_cos=0/255
state=log may_dirty f00 
statistic(bytes/packets/allow_err): org=84/1/1 reply=84/1/1 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->post, reply pre->post dev=22->35/35->22 gwy=169.254.20.197/192.168.1.69 <- Her ser vi at riktig gateway blir bruk (VPN-tunnelen).
hook=pre dir=org act=noop 192.168.1.69:44210->172.31.11.239:8(0.0.0.0:0)
hook=post dir=reply act=noop 172.31.11.239:44210->192.168.1.69:0(0.0.0.0:0)
src_mac=ac:bc:32:c0:43:23
misc=0 policy_id=6 auth_info=0 chk_client_info=0 vd=0
serial=002a894f tos=ff/ff app_list=0 app=0 url_cat=0
dd_type=0 dd_mode=0
npu_state=0x3040000
no_ofld_reason:  non-npu-intf
total session 1
 
FGT61E4Q16004006 (root) #