On Friday, August 26, 2011 11:38:25 PM Clarke Morledge
wrote:
I would love to be proven wrong on this, but I do not
think you can use family any filters on the lo0
interface.You can only use family inet filters,
and presumably you could use family inet6 (haven't
tested that).
'family
Hi guys,
To revive this thread; does anyone know how to check what type of
packets are being matched when using an family any input filter on lo0
?
You can't seem to use log as action and the from clause only allows
some protocol independent matches;
daniel@lab# set firewall family any filter
Daniel,
I would love to be proven wrong on this, but I do not think you can use
family any filters on the lo0 interface.You can only use family
inet filters, and presumably you could use family inet6 (haven't tested
that). Other filters do not work since the packet headers probably get
On (2011-08-26 11:38 -0400), Clarke Morledge wrote:Q
(haven't tested that). Other filters do not work since the packet
headers probably get stripped off before hitting the RE.
Quite, but the packets are not anywhere near RE when lo0 filter is being
processed, there isn't any strict technical
On Fri, Aug 26, 2011 at 17:38, Clarke Morledge chm...@wm.edu wrote:
I would love to be proven wrong on this, but I do not think you can use
family any filters on the lo0 interface.
well, it does commit on M and MX running 10.4;
set firewall family any filter test term test then accept count
Hi Clarke,
Lot's of good insight here. You've put together some pretty good stuff.
Have you thought about putting it on a blog somewhere?
Stefan Fouant
JNCIE-ER, JNCIE-M, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks
http://www.shortestpathfirst.net
http://www.twitter.com/sfouant
On
I have posed a number of questions to the mailing list over the past
couple of months about configuring RE protect filters for the MX platform.
I'd like to summarize my experiences so that others do not have to go
through the headaches I've had.
An Introduction: In our campus environment we
7 matches
Mail list logo
