application-firewall
Syntax
application-firewall {
rule-sets rule-set-name {
default-rule {
(deny | permit);
}
rule rule-name {
match {
dynamic-application [system-application];
dynamic-application-group [system-application-group];
}
then {
(deny | permit);
}
}
}
traceoptions {
file {
filename;
files number;
match regular-expression;
size maximum-file-size;
(world-readable | no-world-readable);
}
flag flag;
no-remote-trace;
}
}
Hierarchy Level
[edit security]
[edit tenants tenant-name security application-firewall]
Release Information
Statement introduced in Junos OS Release 11.1.
The statement set tenant tenant-name security application-firewall hierarchy level is introduced in Junos OS Release 18.4R1.
Description
Configure application firewall rule sets with rules defining match criteria and the action to be performed. The application firewall services configuration is supported on both logical systems and tenant systems.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.