Firewall Filter Names And Options; Firewall Filter Terms; Firewall Filter Match Conditions - Juniper ACX1000 Configuration Manual
Junos os; acx series universal access router
Hide thumbs
Also See for ACX1000:
- User manual (216 pages) ,
- Hardware manual (204 pages) ,
- Quick start manual (27 pages)
Table of Contents
Advertisement
ACX Series Universal Access Router Configuration Guide
Firewall Filter Names and Options
Firewall Filter Terms
Firewall Filter Match Conditions
1046
NOTE:
For bridge family filter, the ip-protocol match criteria is supported
only for IPv4 and not for IPv6. This is applicable for line cards that support
the Junos Trio chipset such as the MX 3D MPC line cards.
Under the
family family-name
to create and name firewall filters. The filter name can contain letters, numbers, and
hyphens (-) and be up to 64 characters long. To include spaces in the name, enclose the
entire name in quotation marks (" ").
At the
[edit firewall family family-name filter filter-name]
statements are optional:
accounting-profile
(MX Series routers with Modular Port Concentrators (MPCS) only)
instance-shared
interface-specific
physical-interface-filter
Under the
filter filter-name
create and name filter terms.
You must configure at least one term in a firewall filter.
You must specify a unique name for each term within a firewall filter. The term name
can contain letters, numbers, and hyphens (-) and can be up to 64 characters long.
To include spaces in the name, enclose the entire name in quotation marks (" ").
The order in which you specify terms within a firewall filter configuration is important.
Firewall filter terms are evaluated in the order in which they are configured. By default,
new terms are always added to the end of the existing filter. You can use the
configuration mode command to reorder the terms of a firewall filter.
At the
[edit firewall family family-name filter filter-name term term-name]
the
filter filter-name
statement is not valid in the same term as
When included at this hierarchy level, the
firewall filters.
Firewall filter match conditions are specific to the type of traffic being filtered.
With the exception of MPLS-tagged IPv4 or IPv6 traffic, you specify the term's match
conditions under the
statement. For MPLS-tagged IPv4 traffic, you specify the term's
from
IPv4 address-specific match conditions under the
term's IPv4 port-specific match conditions under the
statement, you can include
statement, you can include
filter filter-name
ip-version ipv4
filter filter-name
statements
hierarchy level, the following
statements to
term term-name
insert
hierarchy level,
from
or
then
statements.
statement is used to nest
statement and the
statement.
protocol (tcp | udp)
Copyright © 2017, Juniper Networks, Inc.
- Quick Links:
- Interfaces
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
