[northlandboy]

I think the first line tells you what each column is. You can then do your own stuff in perl/awk/whatever to convert hex to dotted decimal. Just standard Unix text processing really.

I don't think you can add a filter to the fw tab command - I think you can only dump the whole thing and grep out what you need.

70-100K is a lot of connections, but it depends on how powerful your firewalls are. Usually I will run the command to dump the table on the secondary firewall in the cluster, since the connections tables are in sync.

As an aside, you can also run this command from the mgmt station - you don't actually need to log onto the firewall. On the mgmt station, run fw tab -t connections -u <fw_name>