Hi, Related to my question I was looking at the policies you can set in VC3.
The documentation speaks of an ":" operator but when I try to apply it to a rule it is not allowed, probable because I'm doing it wrong. For instance when I try the following rule in the CLI: "set policy policy-statement FireWallTest term 1 from network4 10.0.0.10:10.0.0.30" I get an error telling me "ERROR: node "network4": argument "10.0.0.10:10.0.0.30" is not a valid "IPv4Net": value must be an IPv4 subnet in address/prefix-length form." Where in the policies can one apply the ":" operator? The documentation on page 87 says that "The following criteria allow operators" and then in the table on line Criterion line 5 : "network4 :, ==, !=, <, >, <=, >=, exact, not, shorter, longer, orshorter, orlonger" I think that if I could make a policy stating somethinglike "from x.x.x.y:x.x.x.z to 192.168.1.2 then action: accept" this would solve my problem of restricting the next hop 192.168.1.2 to pnly a few ip adresses. Probably I'm wrong. Kind regards, Michel Wij zijn verhuisd naar een pand aan het Surinameplein. Ons bezoekadres is niet langer Jacques Veltmanstraat 463, maar SURINAMEPLEIN 122, 1058 GV Amsterdam. Alle overige gegevens zoals telefoonnummers, faxnummer, postadres zijn ongewijzigd. We moved to a new office. Our visiting address changed from Jacques Veltmanstraat 463 to SURINAMEPLEIN 122, 1058 GV Amsterdam, the Netherlands. All our other contact details such as phone and fax numbers and mail address will remain the same. _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
