Set Traffic-Filter (Collector Mode); Set Protocols (Collector Mode) - Juniper Advanced Threat Prevention Appliance Cli Command Reference Manual

set traffic-filter (collector mode)

Table 2-19 set traffic-filter

Description: Sets traffic filter rules that exclude a configured set of traffic from analysis. Filtering cannot be made retroactive; for example, any analysis skipped as a result of the filtering cannot be reversed. This command can be applied to an entire network, subnet, or CIDR range.
See Also: set (server mode); show (diagnosis mode) [show traffic-filter]

Product(s): All-in-One | Collector

CLI Mode(s): collector

Syntax:
    set traffic-filter {add <rule_name> <domain> <source-address> <destination-address> <source-port> <destination-port> <protocol> | remove <rule_name>}

Parameters:
    traffic-filter add <RuleString> <DomainString> <source-address> <destination-address> <source-port> <destination-port> <protocol>

    Adds a traffic filter rule where:
    "RuleString" is the name of the rule
    "DomainString" is the domain to filter out
    "source-address" is the source IPv4 address or network (CIDR)
    "destination-address" is the destination IPv4 address or network (CIDR)
    "source-port" is the source port number (0-65535)
    "destination-port" is the destination port number (0-65535)
    "protocol" is the protocol type: either IP, TCP, UDP or HTTP

Example: The following example adds a traffic filter rule to the Traffic Collector.
    JATP-collector02(collector)# set traffic-filter add CustomRule2 headqrts.example.com 10.2.0.0/16 20.0.0.2 90 120 tcp
where destination-address is 20.0.0.2, destination-port is 120, protocol is tcp, source-address is 10.2.0.0/16 and source-port is 90 (in our example).

set protocols (collector mode)

Table 2-20 set protocols

Description: Enables and disables the HTTP or SMB parser for a Traffic Collector.
See Also: show protocols command in show (collector mode)

Product(s): All-in-One | Collector

CLI Mode(s): collector

Syntax:
    (collector)# set protocols {http [on|off] | smb [on|off]}

Example: The following example enables the SMB parser for lateral detections:
    hostname(collector)# set protocols smb on

Copyright© 2018, Juniper Networks, Inc.
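An added example, not part of the Juniper manual: a Python pre-check that validates a `set traffic-filter add` line against the syntax and parameter ranges in Table 2-19 before it is entered on the collector, since analysis skipped by a filter cannot be reversed. The function name `check_rule`, the `MIN_PREFIX` review threshold and the sample rules are assumptions constructed for illustration.

```python
import ipaddress

PROTOCOLS = {"ip", "tcp", "udp", "http"}  # values from the Parameters row
MIN_PREFIX = 16  # assumption, not from the manual: shorter prefixes get flagged

# Constructed sample rules (hypothetical names and addresses).
SAMPLES = [
    "set traffic-filter add CustomRule2 headqrts.example.com 10.2.0.0/16 20.0.0.2 90 120 tcp",
    "set traffic-filter add TypoRule headqrts.example.com 10.2.00/16 20.0.0.2 90 120 tcp",
    "set traffic-filter add BroadRule lab.example.com 10.0.0.0/8 20.0.0.2 0 70000 icmp",
]

def check_rule(line):
    """Return a list of findings for one 'set traffic-filter add' line."""
    tokens = line.split()
    if tokens[:3] != ["set", "traffic-filter", "add"]:
        return ["not a 'set traffic-filter add' command"]
    args = tokens[3:]
    if len(args) != 7:
        return [f"expected 7 arguments, got {len(args)}"]
    _name, _domain, src, dst, sport, dport, proto = args
    findings = []
    for label, value in (("source-address", src), ("destination-address", dst)):
        try:
            net = ipaddress.IPv4Network(value, strict=True)
        except ValueError as exc:
            findings.append(f"{label}: invalid IPv4 address or CIDR ({exc})")
            continue
        if net.prefixlen < MIN_PREFIX:
            # Broad rules matter because skipped analysis cannot be recovered.
            findings.append(f"{label}: /{net.prefixlen} skips analysis for "
                            f"{net.num_addresses} addresses")
    for label, value in (("source-port", sport), ("destination-port", dport)):
        if not (value.isdecimal() and 0 <= int(value) <= 65535):
            findings.append(f"{label}: {value!r} is outside 0-65535")
    if proto.lower() not in PROTOCOLS:
        findings.append(f"protocol: {proto!r} is not IP, TCP, UDP or HTTP")
    return findings

if __name__ == "__main__":
    for rule in SAMPLES:
        print(rule)
        for finding in check_rule(rule) or ["ok"]:
            print("   ", finding)
```

An empty findings list means the line matches the documented syntax and ranges; it does not confirm that the collector accepted the rule, which `show traffic-filter` reports.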
