Verifying A Services, Protocols, And Trusted Sources Firewall Filter - Juniper J2300 User Manual

Verify the following information:
What It Means
For more information about the
Class of Service, and System Basics Command Reference.

Verifying a Services, Protocols, and Trusted Sources Firewall Filter

Verify the firewall filter configured in "Configuring a Routing Engine Firewall Filter
Purpose
for Services and Protocols from Trusted Sources" on page 400.
To verify that the actions of the firewall filter terms are taken, send packets to the
Action
Services Router that match the terms. In addition, verify that the filter actions are
not taken for packets that do not match.
Sample Output
% ssh 192.168.249.71
%ssh host
user@host's password:
--- JUNOS 6.4-20040518.0 (JSERIES) #0: 2004-05-18 09:27:50 UTC
user@host>
Next to , the name of the firewall filter is correct.
Filter
Under :
Counters
Under , the names of any counters configured in the firewall filter
Name
are correct.
Under , the number of bytes that match the filter term containing
Bytes
the
count counter-name
Under , the number of packets that match the filter term
Packets
containing the
count counter-name
Under :
Policers
Under , the names of any policers configured in the firewall filter
Name
are correct.
Under , the number of packets that match the conditions specified
Packets
for the policer are shown.
Use the command from a host at an IP address that matches
ssh host-name
to verify that you can log in to the Services Router using only
192.168.122.0/24
SSH from a host with this address prefix.
Use the
show route summary
Services Router does not contain any entries with a protocol other than
, , , or
Direct Local BGP Static
Configuring Firewall Filters and NAT
action are shown.
action are shown.
command, see the JUNOS Protocols,
show firewall filter
command to verify that the routing table on the
.
Verifying Firewall Filter Configuration
423