 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
- no-sequence-check;
- [edit security flow tcp-session]
Statement introduced in Release 8.5 of JUNOS software.
Specify that the device does not check sequence numbers in TCP segments during stateful inspection. By default, the device monitors the sequence numbers in TCP segments. The device detects the window scale specified by source and destination hosts in a session and adjusts a window for an acceptable range of sequence numbers according to their specified parameters. The device then monitors the sequence numbers in packets sent between these hosts. If the device detects a sequence number outside this range, it drops the packet.
This statement is supported on J-series and SRX-series devices.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |