Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1 Manual page 54

Network and Security Manager 2010.4 API Guide
Table 14: Firewall Data Elements (continued)
Data Element
nat-dip
nat
preferred-id
log
count
log-actions
url-blk
url-protocol
target_collection
36
Description
Source NAT.
You can configure your security device to perform policy level network address translation (NAT)
for any zone to translate the source address of incoming and outgoing traffic. You can configure
the firewall to select a new source address from a Dynamic IP pool (DIP). For incoming traffic
only, use a Mapped IP (MIP).
A preferred-id is a rule ID, a number that uniquely identifies a rule within the rulebase and security
policy. After you install a rule as part of a security policy on a security device, you can view the
rule by logging in locally to the device. However, when you view it through the Web UI or CLI, the
rule appears as an individual policy. The individual policy on the device has the same ID as the
rule in the management system, enabling you to determine which rules are on specific devices.
Deep inspection alert log.
Select Counting if you want to count how many bytes the matching network traffic contains and
view this information in other applications. Possible values:
disabled
enabled
Action to be taken on the log. This can include configuring SNMP, Syslog, CSV, XML, script, and
e-mail settings.
Web filtering. (default = false)
URL protocol.
Specifies the security devices or templates that will receive and use this rule. You can select
multiple security devices on which to install the rule.
Copyright © 2010, Juniper Networks, Inc.