•
Configuring Firewall Filters (CLI Procedure) on page 3063
•
Configuring Policers to Control Traffic Rates (CLI Procedure) on page 3073
•
Firewall Filters for EX Series Switches Overview on page 3001
Firewall Filter Configuration Statements Supported by Junos OS for EX Series Switches
You configure firewall filters to filter packets based on their components and to perform
an action on packets that match the filter.
Table 392 on page 3090 lists the options that are supported for the firewall statement in
Junos OS for EX Series switches.
Table 392: Supported Options for Firewall Filter Statements
Description
Statement and Option
The
family-name
option specifies the version or type of
addressing protocol:
•
any
—Filter packets based on protocol-independent match
conditions.
•
ethernet-switching
—Filter Layer 2 (Ethernet) packets and
Layer 3 (IP) packets
•
inet
—Filter IPv4 packets
•
inet6
—Filter IPv6 packets
family family-name {
}
The
filter-name
option identifies the filter. The name can
contain letters, numbers, and hyphens (-) and can be up to 64
characters long. To include spaces in the name, enclose the
name in quotation marks (" " ).
filter filter-name {
}
The
interface-specific
statement configures unique names for
individual firewall counters specific to each interface.
interface-specific
The
term-name
option identifies the term. The name can
contain letters, numbers, and hyphens (-) and can be up to 64
characters long. To include spaces in the name, enclose the
entire name in quotation marks (" " ). Each term name must
be unique within a filter.
term term-name {
}
The
from
statement is optional. If you omit it, all packets are
considered to match.
from {
match-conditions;
}
For information about the
action
and
action-modifiers
options,
see “Firewall Filter Match Conditions and Actions for EX Series
Switches” on page 3009.
then {
action;
action-modifiers;
}
The
policer-name
option identifies the policer. The name can
contain letters, numbers, and hyphens (-) and can be up to 64
characters long. To include spaces in the name, enclose the
name in quotation marks (" " ).
policer policer-name {
}
Copyright © 2010, Juniper Networks, Inc.
3090
Complete Software Guide for Junos
®
OS for EX Series Ethernet Switches, Release 10.3
Summary of Contents for JUNOS OS 10.3 - SOFTWARE
Page 325: ...CHAPTER 17 Operational Mode Commands for System Setup 229 Copyright 2010 Juniper Networks Inc ...
Page 1323: ...CHAPTER 56 Operational Mode Commands for Interfaces 1227 Copyright 2010 Juniper Networks Inc ...
Page 2841: ...CHAPTER 86 Operational Commands for 802 1X 2745 Copyright 2010 Juniper Networks Inc ...
Page 3367: ...CHAPTER 113 Operational Mode Commands for CoS 3271 Copyright 2010 Juniper Networks Inc ...
Page 3435: ...CHAPTER 120 Operational Mode Commands for PoE 3339 Copyright 2010 Juniper Networks Inc ...
Page 3529: ...CHAPTER 126 Operational Mode Commands for MPLS 3433 Copyright 2010 Juniper Networks Inc ...