Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    system-services (Security Zones Interfaces)

    Syntax

    system-services service-name { except;}

    Hierarchy Level

    [edit security zones security-zone zone-name interfaces interface-name host-inbound-traffic]

    Release Information

    Statement introduced in Junos OS Release 8.5.

    Description

    Specify the types of traffic that can reach the device on a particular interface.

    Options

    • service-name —Service for which traffic is allowed. The following services are supported:
      • all—Enable all possible system services available on the Routing Engine (RE).
      • any-service—Enable services on entire port range.
      • bootp—Enable traffic destined to BOOTP and DHCP relay agents.
      • dhcp—Enable incoming DHCP requests.
      • dhcpv6—Enable incoming DHCP requests for IPv6.
      • dns—Enable incoming DNS services.
      • finger—Enable incoming finger traffic.
      • ftp—Enable incoming FTP traffic.
      • http—Enable incoming J-Web or clear-text Web authentication traffic.
      • https—Enable incoming J-Web or Web authentication traffic over Secure Sockets Layer (SSL).
      • ident-reset—Enable the access that has been blocked by an unacknowledged identification request.
      • ike—Enable Internet Key Exchange traffic.
      • netconf SSH—Enable incoming NetScreen Security Manager (NSM) traffic over SSH.
      • ntp—Enable incoming Network Time Protocol (NTP) traffic.
      • ping—Allow the device to respond to ICMP echo requests.
      • r2cp—Enable incoming Radio Router Control Protocol traffic.
      • reverse-ssh—Reverse SSH traffic.
      • reverse-telnet—Reverse Telnet traffic.
      • rlogin—Enable incoming rlogin (remote login) traffic.
      • rpm—Enable incoming real-time performance monitoring (RPM) traffic.
      • rsh—Enable incoming Remote Shell (rsh) traffic.
      • sip—Enable Incoming Session Initiation protocol (SIP) traffic.
      • snmp—Enable incoming SNMP traffic (UDP port 161).
      • snmp-trap—Enable incoming SNMP traps (UDP port 162).
      • ssh—Enable incoming SSH traffic.
      • telnet—Enable incoming Telnet traffic.
      • tftp—Enable TFTP services.
      • traceroute—Enable incoming traceroute traffic (UDP port 33434).
      • xnm-clear-text—Enable incoming Junos XML protocol traffic for all specified interfaces.
      • xnm-ssl— Enable incoming Junos XML protocol-over-SSL traffic for all specified interfaces.
    • except—(Optional) except can only be used if all has been defined.

    Required Privilege Level

    security—To view this statement in the configuration.

    security-control—To add this statement to the configuration.

     

    Related Documentation

     

    Modified: 2015-12-23

    Previous Page Next Page