Inline TLS/SSL show Command Field Descriptions

The fields in the Inline SSL show command output have the following descriptions and values. For more about the GigaVUE-OS CLI configuration, refer to apps inline-ssl.

Fields

Description

Values

Source IP

Source IP of the host/client from which the connection was initiated.

IPv4 or IPv6 address.

Destination IP

Destination IP of the host/server at which the connection is terminated.

IPv4 or IPv6 address.

Source Port

Source Port at client side.

TCP port range (0 to 65535).

Destination Port

Destination Port at the server side.

TCP port range (0 to 65535).

Protocol

Inline SSL Session's protocol details.

TLS/SSL Inbound - Inbound TLS/SSL session.

TLS/SSL Outbound - Outbound TLS/SSL session.

Non-SSL - Not an SSL session; need not be decrypted.

TCP State

TCP state of all the legs/ports of ISSL such as:

  • Na - Inline Network Port A.

  • Nb - Inline Network Port B.

  • Ta - Inline Tool Port A.

  • Tb - Inline Tool Port B.

All possible TCP protocol states for each leg:

 

INIT – TCP connection is yet to be started from GigaSMART engine.
SYN-SENT – GigaSMART engine has initiated the TCP connection to the server.
SYN-RECEIVED – GigaSMART engine has received a TCP connection request from a client.
ESTABLISHED – GigaSMART engine has established an ongoing TCP connection.
FIN-WAIT-1 – GigaSMART engine has initiated a connection termination request.
FIN-WAIT-2 – GigaSMART engine has received an acknowledgement for its connection termination request and is awaiting connection termination from the other end.
CLOSE-WAIT – GigaSMART engine has received a connection termination request.
CLOSING – GigaSMART engine is awaiting acknowledgment for its connection termination request.
LAST-ACK – GigaSMART engine has acknowledged the connection termination request, sent its own connection termination request, and is awaiting the last acknowledgement before closing.
TIME-WAIT – GigaSMART engine is waiting for the other host to receive the last acknowledgement sent.
CLOSED – TCP connection is closed at GigaSMART engine.

N/A – TCP is not expected to be performed at this leg for this session.

Decryption

Session traffic is being decrypted.

Yes, No

Error

Specifies if this session processing has any error.

ERR, NO_ERR

SSL State  

State of SSL processing.

N/A,
Handshake,
Decrypting,
Bypass:no_config,
Bypass:clientHello_err,
Bypass:no_sni,
Bypass:no_cert,
Drop:cert_mismatch,
Drop:tool_block,
Bypass:policy,
Bypass:handshake_fail,
Bypass:unknown_revocation,
Bypass:client_auth,
Bypass:version_mismatch,
Bypass:src_ssl_init_error,
Bypass:ssl_key_mismatch,
Drop:version_mismatch,
Bypass:unsupported_ciphers,
SSL_Proxy:non_http

Cert Subject Name  

Client's Certificate subject name.

 

C2S Status

Client to Server TCP state details.

All possible TCP protocol states (for a detailed explanation, refer to the TCP State descriptions earlier in this table):

INIT, CLOSED, SYN SENT, SYN RECD, EST, CLOSE WAIT, FIN WAIT 1, CLOSING, LAST ACK, FIN WAIT 2, TIME WAIT, N/A

S2C Status

Server to Client TCP state details.

All possible TCP protocol states (for a detailed explanation, refer to the TCP State descriptions earlier in this table):

INIT, CLOSED, SYN SENT, SYN RECD, EST, CLOSE WAIT, FIN WAIT 1, CLOSING, LAST ACK, FIN WAIT 2, TIME WAIT, N/A

Tool Status  

Status of the tool connection.

TOOL_NOT_BYPASS – Traffic will flow through tools.
TOOL_BYPASS – Traffic will skip tools.

PolicyVerdict

ISSL policy decision determined for this session.

NO_DECRYPT
PENDING
DECRYPT

PolicyMatchFields

The fields through which policy matching is derived.

DEFAULT
SRC_IP
DST_IP
SRC_PORT
DST_PORT
VLAN
DOMAIN
CATEGORY
ISSUER
URL_CACHE_MISS
PENDING

URLCategory

Category of the URL based on the certificate of the server.

Uncategorized
RealEstate
ComputerandInternetSecurity
FinancialServices
BusinessandEconomy
ComputerandInternetInfo
Auctions
Shopping
CultandOccult
Travel
AbusedDrugs
AdultandPornography
Home
Military
SocialNetwork
DeadSites
IndividualStockAdviceandTools
TrainingandTools
Dating
SexEducation
Religion
EntertainmentandArts
PersonalSitesandBlogs
Legal
LocalInformation
StreamingMedia
JobSearch
Gambling
Translation
ReferenceandResearch
SharewareandFreeware
P2P
Marijuana
Hacking
Games
PhilosophyandPoliticalAdvocacy
Weapons
PaytoSurf
HuntingandFishing
Society
EducationalInstitutions
OnlineGreetingcards
Sports
Swimsuits&IntimateApparel
Questionable
Kids
HateandRacism
OnlinePersonalStorage
Violence
KeyloggersandMonitoring
SearchEngines
InternetPortals
WebAdvertisements
Cheating
Gross
WebbasedEmail
MalwareSites
PhishingandOtherFrauds
ProxyAvoidandAnonymizers
SpywareandAdware
Music
Government
Nudity
NewsandMedia
Illegal
CDNs
InternetCommunications
BotNets
Abortion
Health&Medicine
ConfirmedSPAMSources
SPAMURLs
UnconfirmedSPAMSources
OpenHTTPProxies
DynamicContent
ParkedSites
AlcoholandTobacco
PrivateIPAddresses
ImageandVideoSearch
FashionandBeauty
RecreationandHobbies
MotorVehicles
WebHosting
N/A
Unknown

URLFilterResult

Decision made for this session based on the URL filter.

 

InterfacePair

Interface network pair used for this session

Na/Nb, Nb/Na

ToolInterfacePair

Interface tool pair used for this session

Ta/Tb, Tb/Ta

StartTime

Start time of the session

 

EndTime

End time of the session

 

DurationSeconds

Seconds for which session was served

 

SSLVersion

SSL Version used

SSLv1.2, TLSv1, TLSv1.2, TLSv1.3.

SSLCipher

SSL Cipher used for encryption/decryption

All possible standard ciphers.

CertIssuer

Certificate Issuer of client certificate

 

CertValidation

Certificate validation status.

VALID
INVALID
SELF_SIGNED
HOST_MISMATCH
EXPIRED
REVOKED
UNKNOWN_CA
N/A

ClitoServTotalPktcount

Total Packet count from client to server.

 

ServtoCliTotalPktcount

Total Packet count from server to client.

 

ClitoServClearTextByte

Total Decrypted bytes from client to server.

 

ServtoCliClearTextByte

Total Decrypted bytes from server to client.

 

ClitoServOriginalByte

Total Bytes transferred from client to server.

 

ServtoCliOriginalByte

Total Bytes transferred from server to client.

 

SSLflags(devuse)

For debugging purposes; the value can only be interpreted with knowledge of the code for that particular version.
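
The following is an added example, not part of the original page or of GigaVUE-OS: it shows one way to triage session records using the SSL State, PolicyVerdict, Decryption, CertValidation, Tool Status and Error values listed above. It assumes records have already been parsed into dictionaries keyed by the field names in this table (the raw layout of the show output is not given here); the finding labels such as `visibility_gap` and the sample records are constructed for illustration.

```python
# Added example: records are assumed to be dicts keyed by the field names in
# the table above. The raw text layout of the show output is not documented on
# this page, so no parsing of it is attempted.

CERT_OK = {"VALID", "N/A"}  # CertValidation values that need no review


def split_ssl_state(value):
    """Split an SSL State such as 'Bypass:no_sni' into (action, reason)."""
    action, _, reason = value.strip().rstrip(",").partition(":")
    return action, reason or None


def triage(session):
    """Return findings for one session record; an empty list means nothing to review."""
    findings = []
    action, reason = split_ssl_state(session.get("SSL State", "N/A"))
    verdict = session.get("PolicyVerdict", "PENDING")
    decrypting = session.get("Decryption", "No") == "Yes"

    if action in ("Bypass", "Drop"):
        findings.append(f"{action.lower()}:{reason}")
    # Policy verdict is DECRYPT but the session is not being decrypted.
    if verdict == "DECRYPT" and not decrypting:
        findings.append("visibility_gap")  # hypothetical label
    if session.get("CertValidation", "N/A") not in CERT_OK:
        findings.append("cert:" + session["CertValidation"])
    if session.get("Tool Status") == "TOOL_BYPASS":
        findings.append("tool_bypass")
    if session.get("Error") == "ERR":
        findings.append("error")
    return findings


# Constructed sample records (not captured from a device).
SAMPLES = [
    {"Destination IP": "192.0.2.10", "SSL State": "Decrypting", "Decryption": "Yes",
     "PolicyVerdict": "DECRYPT", "CertValidation": "VALID",
     "Tool Status": "TOOL_NOT_BYPASS", "Error": "NO_ERR"},
    {"Destination IP": "192.0.2.20", "SSL State": "Bypass:unsupported_ciphers",
     "Decryption": "No", "PolicyVerdict": "DECRYPT", "CertValidation": "SELF_SIGNED",
     "Tool Status": "TOOL_NOT_BYPASS", "Error": "NO_ERR"},
    {"Destination IP": "192.0.2.30", "SSL State": "Bypass:policy", "Decryption": "No",
     "PolicyVerdict": "NO_DECRYPT", "CertValidation": "N/A",
     "Tool Status": "TOOL_BYPASS", "Error": "NO_ERR"},
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s["Destination IP"], triage(s) or "ok")
```

The second sample is the case worth alerting on: the policy verdict was DECRYPT, yet the session was bypassed and the certificate was self-signed.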