Routers - Juniper ACX1000 Configuration Manual
Junos os; acx series universal access router
Hide thumbs
Also See for ACX1000:
- User manual (216 pages) ,
- Hardware manual (204 pages) ,
- Quick start manual (27 pages)
Table of Contents
Advertisement
ACX Series Universal Access Router Configuration Guide
Table 72: Standard Firewall Filter Action Categories for ACX Series Routers (continued)
Type of Action
Nonterminating
Related
Documentation
Standard Firewall Filter Match Conditions for IPv4 Traffic on ACX Series Routers
Table 73: Standard Firewall Filter Match Conditions for IPv4 Traffic on ACX Series Routers
Match Condition
destination-address address
destination-port number
destination-prefix-list
1054
Description
Performs other functions on a packet (such as
incriminating a counter, logging information about
the packet header, sampling the packet data, or
sending information to a remote host using the
system log functionality), but any additional terms
are used to examine the packet.
Guidelines for Configuring Firewall Filters on page 1044
Interface-Specific Firewall Filter Instances Overview
On ACX Series routers, you can configure a standard stateless firewall filter with match
conditions for IP version 4 (IPv4) traffic (
match conditions you can configure at the
hierarchy level.
term-name from]
Description
Match the IPv4 destination address field.
NOTE:
On ACX Series routers, you can specify only one destination address. A list of IPv4
destination addresses is not supported.
Match the UDP or TCP destination port field.
If you configure this match condition, we recommend that you also configure the
or
match statement in the same term to specify which protocol is being used on
protocol tcp
the port.
NOTE:
On ACX Series routers, you can specify only one destination port number. A list of port
numbers is not supported.
In place of the numeric value, you can specify one of the following text synonyms (the port
numbers are also listed):
afs
(2401),
(67),
cvspserver
dhcp
(21),
(20),
ftp
ftp-data
http
(543),
(761),
klogin
kpasswd
(513),
(434),
login
mobileip-agent
netbios-ns
(137),
netbios-ssn
pptp
(1723),
printer
(515),
radacct
(161),
(162),
snmp
snmptrap
(49),
(65),
tacacs
tacacs-ds
(177).
xdmcp
Match IP destination prefixes in named list.
family inet
).
Table 73 on page 1054
[edit firewall family inet filter filter-name term
(1483),
(179),
(512),
bgp
biff
(53),
(2105),
domain
eklogin
(80),
(443),
(113),
https
ident
(754),
(760),
krb-prop
krbupdate
(435),
mobilip-mn
msdp
(139),
nfsd
(2049),
nntp
(119),
(1813),
radius
(1812),
rip
(444),
(1080),
snpp
socks
ssh
(517),
(23),
(69),
talk
telnet
tftp
Comment
See
"Standard Firewall Filter
Nonterminating Actions on ACX
Series Routers" on page
describes the
protocol udp
(68),
(67),
bootpc
bootps
cmd
(2106),
(512),
ekshell
exec
finger
(143),
(88),
imap
kerberos-sec
(544),
(389),
kshell
ldap
ldp
(639),
(138),
netbios-dgm
ntalk
(518),
ntp
(123),
pop3
(520),
rkinit
(2108),
smtp
(25),
(22),
(111),
(514),
sunrpc
syslog
(525),
(513), or
timed
who
Copyright © 2017, Juniper Networks, Inc.
1064.
(514),
(79),
(646),
(110),
- Quick Links:
- Interfaces
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
