Juniper JUNOS OS 10.3 - SOFTWARE Manual page 3160

Complete Software Guide for Junos
3064
®
OS for EX Series Ethernet Switches, Release 10.3
Configure the family address type for the firewall filter:
1.
For a firewall filter that is applied to a port or VLAN, specify the family address type
to filter Layer 2 (Ethernet) packets and Layer 3 (IP) packets,
ethernet-switching
for example:
[edit firewall]
user@switch# set family ethernet-switching
For a firewall filter that is applied to a Layer 3 (routed) interface:
To filter IPv4 packets, specify the family address type
[edit firewall]
user@switch# set family inet
To filter IPv6 packets, specify the family address type
[edit firewall]
user@switch# set family inet6
NOTE: You can configure firewall filters for both IPv4 and IPv6 traffic
on the same Layer 3 interface.
Specify the filter name:
2.
[edit firewall family ethernet-switching]
user@switch# set filter ingress-port-filter
The filter name can contain letters, numbers, and hyphens (-) and can have a maximum
of 64 characters. Each filter name must be unique.
If you want to apply a firewall filter to multiple interfaces and name individual firewall
3.
counters specific to each interface, configure the
[edit firewall family ethernet-switching filter ingress-port-filter]
user@switch# set interface-specific
Specify a term name:
4.
[edit firewall family ethernet-switching filter ingress-port-filter]
user@switch# set term term-one
The term name can contain letters, numbers, and hyphens (-) and can have a
maximum of 64 characters.
A firewall filter can contain one or more terms. Each term name must be unique within
a filter.
inet , for example:
inet6 , for example:
option:
interface-specific
Copyright © 2010, Juniper Networks, Inc.