Usage
<configuration><firewall><family><inet><filter><term><then><policer>policer</policer><three-color-policer>...</three-color-policer><count>count</count><log/><syslog/><sample/><port-mirror/><analyzer>analyzer</analyzer><loss-priority>loss-priority-choice</loss-priority><forwarding-class>forwarding-class</forwarding-class><virtual-channel>virtual-channel</virtual-channel><accept/><discard>...</discard><service-filter-hit/><dscp>dscp</dscp><next>next-choice</next><logical-system>...</logical-system><routing-instance>...</routing-instance><topology>topology</topology><ipsec-sa>ipsec-sa</ipsec-sa><next-hop-group>next-hop-group</next-hop-group><reject>...</reject><load-balance>load-balance</load-balance><prefix-action>prefix-action</prefix-action></then></term></filter></inet></family></firewall>
</configuration>Description
Action to take if the 'from' condition is matched.
Contents
<analyzer>—Name of analyzer - (Ingress only).
<count>—Count the packet in the named counter.
<dscp>—Set the DSCP value to be remarked.
<forwarding-class>—Classify packet to forwarding class.
<ipsec-sa>—Use specified IPSec security association.
<load-balance>—Use specified load balancing group.
<logical-system>—Packets are directed to specified logical system.
<loss-priority>—Packet's loss priority.
high—Loss priority high.low—Loss priority low.medium-high—Loss priority medium-high.medium-low—Loss priority medium-low.
<next>—Continue to next term in a filter.
<next-hop-group>—Use specified next-hop group.
<policer>—Name of policer to use to rate-limit traffic.
<port-mirror>—Port-mirror the packet.
<prefix-action>—Police or count packets using named prefix action.
<routing-instance>—Packets are directed to specified routing instance.
<service-filter-hit>—Marked when packet processing by the current type of chained filters is done, the packet is directed to the next type of filters.
<syslog>—System log (syslog) information about the packet.
<three-color-policer>—Police the packet using a three-color-policer.