On Fri, Aug 26, 2011 at 17:38, Clarke Morledge <[email protected]> wrote: > I would love to be proven wrong on this, but I do not think you can use > "family any" filters on the lo0 interface.
well, it does commit on M and MX running 10.4; set firewall family any filter test term test then accept count counter set interfaces lo0 unit 0 family any filter input test commit and counter immediately starts increasing; run show firewall filter test Filter: test Counters: Name Bytes Packets counter 4812 19 I'm really wondering what exactly it is matching on, is it all "non-IP" or only some specific layer 2 (control) packets? --Daniel. _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
