Juniper JUNOS OS 10.3 - SOFTWARE Manual page 3122

Complete Software Guide for Junos
Table 380: Supported Match Conditions Applicable to IPv6 Traffic for Firewall Filters on EX
Series Switches (continued)
Match Condition Description
IP source prefix list field.
source-prefix-list
prefix-list
You can define a list of IP address prefixes
under a prefix-list alias for frequent use. You
make this definition at the
policy-options]
One or more TCP flags:
tcp-flags (flags
tcp-initial)
bit-name—
logical operators—
(logical OR),
numerical value—0x01 through 0x20
text synonym—
To specify multiple flags, use logical
operators.
Match the first TCP packet of a connection.
tcp-initial
tcp-initial
"(syn & !ack)"
tcp-initial
the protocol is TCP. To do so, specify the
protocol tcp
3026
®
OS for EX Series Ethernet Switches, Release 10.3
[edit
hierarchy level.
, , , , ,
fin syn rst push ack
& (logical AND),
! (negation)
tcp-initial
is a synonym for the bit names
.
does not implicitly check whether
match condition.
Supported Platforms and Bind Points
Ingress
EX2200—Layer 3
interfaces
EX3200 and
EX4200—Layer 3
interfaces
EX4500—Layer 3
interfaces
EX8200—Layer 3
interfaces
EX2200—ports, VLANs,
and Layer 3 interfaces
urgent
EX3200 and
|
EX4200—ports, VLANs,
and Layer 3 interfaces
EX4500—ports, VLANs,
and Layer 3 interfaces
EX8200—Layer 3
interfaces
EX2200—ports, VLANs,
and Layer 3 interfaces
EX3200 and
EX4200—ports, VLANs,
and Layer 3 interfaces
EX4500—ports, VLANs,
and Layer 3 interfaces
EX8200—Layer 3
interfaces
Copyright © 2010, Juniper Networks, Inc.
Egress
EX2200—Layer 3
interfaces
EX3200 and
EX4200—Layer 3
interfaces
EX4500—Layer 3
interfaces
EX8200—Layer 3
interfaces
EX2200—not
supported
EX3200 and
EX4200—not
supported
EX4500—not
supported
EX8200—not
supported
EX2200—not
supported
EX3200 and
EX4200—not
supported
EX4500—not
supported
EX8200—not
supported