Configuring JUNOS Filter Conditions (SRC CLI)
Use the following configuration statements to configure JUNOS filter conditions.
- policies group name list name rule name traffic-condition name traffic-match-condition
{
- forwarding-class forwarding-class ;
- interface-group interface-group ;
- source-class source-class ;
- destination-class destination-class ;
- allow-ip-options allow-ip-options ;
- }
To add JUNOS filter conditions to a classify-traffic condition:
- From configuration mode, enter the application protocol configuration. For example:
- (Optional) Configure the name of a forwarding class to match.
- (Optional) Configure the condition to match packets based on the interface group on which the packet was received.
- (Optional) Configure the condition to match packets based
on source class. A source class is a set of source prefixes grouped
together and given a class name. You usually match source and destination
classes for output firewall filters.
You cannot match on both source class and destination class at the same time. You must choose one or the other.
- (Optional) Configure the condition to match packets based
on destination class. A destination class is a set of destination
prefixes grouped together and given a class name. You usually match
source and destination classes for output firewall filters.
You cannot match on both source class and destination class at the same time. You must choose one or the other.
- (Optional) Configure the condition to match packets based on IP options.
- (Optional) Verify the JUNOS filter condition configuration.
[edit policies group junos list bodVpn rule pr traffic-condition ctc traffic-match-condition] user@host# show forwarding-class fc_expedited; interface-group 42; source-class gold-class; destination-class gold-class; allow-ip-options strict-source-route;