Block Telnet and SSH access from every source except the 192.168.1.0/24 subnet. This filter also logs any SSH or Telnet connection attempts from other subnets to the firewall log buffer:
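[edit]
firewall {
    family inet {
        /*
         * Restricts SSH and Telnet to a single management subnet and logs
         * attempts from anywhere else. A filter has no effect until it is
         * applied to an interface; to protect access to the device itself it
         * is normally applied as an input filter on the loopback interface
         * (lo0). That step is not shown here.
         */
        filter local-access-control {
            /*
             * Allow terminal sessions that originate in 192.168.1.0/24.
             * "source-address" is used instead of "address" because "address"
             * matches the source OR the destination field: if the address
             * being protected lies inside 192.168.1.0/24, every client would
             * match on the destination alone and be accepted.
             * "destination-port" is used instead of "port" for the same
             * reason: "port" also matches packets whose source port is 22/23.
             */
            term terminal-access {
                from {
                    source-address {
                        192.168.1.0/24;
                    }
                    protocol tcp;
                    destination-port [ ssh telnet ];
                }
                then accept;
            }
            /*
             * Any other SSH/Telnet attempt reaches this term. "log" records
             * the packet in the firewall log buffer; "reject" drops it and
             * returns an ICMP error to the sender (use "discard" instead to
             * drop silently).
             */
            term terminal-access-denied {
                from {
                    protocol tcp;
                    destination-port [ ssh telnet ];
                }
                then {
                    log;
                    reject;
                }
            }
            /*
             * Everything that is not SSH/Telnet is accepted, so this filter
             * restricts terminal access only. Without this term the implicit
             * default action would discard all remaining traffic.
             */
            term default-term {
                then accept;
            }
        }
    }
}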