Juniper JUNOS OS 10.3 - SOFTWARE Manual page 3127

Related
Documentation
Copyright © 2010, Juniper Networks, Inc.
Figure 78: Evaluation of Terms Within a Firewall Filter
If a term does not contain a
action in the statement of the term is taken.
then
If a term does not contain a
the statement, and the packet matches the conditions in the
then
term, the packet is accepted.
Every firewall filter contains an implicit
equivalent to the following explicit filter term:
term implicit-rule {
then discard;
}
Consequently, if a packet passes through all the terms in a filter without matching any
conditions, the packet is discarded. If you configure a firewall filter that has no terms, all
packets that pass through the filter are discarded.
NOTE: Firewall filtering is supported on packets that are at least 48 bytes
long.
Firewall Filters for EX Series Switches Overview on page 3001
Understanding Firewall Filter Match Conditions on page 3032
Understanding the Use of Policers in Firewall Filters on page 3036
Example: Configuring Firewall Filters for Port, VLAN, and Router Traffic on EX Series
Switches on page 3039
statement, the packet is considered to match and the
from
statement, or if an action has not been configured in
then
statement at the end of the filter, which is
deny
Chapter 100: Firewall Filters—Overview
statement of the
from
3031