[Contents] [Prev] [Next] [Index] [Report an Error]

Testing ex-add-accept.xsl

To test the example in this section, perform the following steps:

  1. From Adding a Final then accept Term to a Firewall, copy the Extensible Stylesheet Language Transformations (XSLT) or SLAX script into a text file, and name the file ex-add-accept.xsl. Copy the ex-add-accept.xsl file to the /var/db/scripts/commit directory on your routing platform.
  2. Select the following configuration, and press Ctrl+c to copy it to the clipboard. If you are using the SLAX version of the script, change the filename to filename.slax. 
    system {
        scripts {
            commit {
                file ex-add-accept.xsl;
            }
        }
    }
    firewall {
        policer sgt-friday {
            if-exceeding {
                bandwidth-percent 10;
                burst-size-limit 250k;
            }
            then discard;
        }
        family inet {
            filter test {
                term one {
                    from {
                        interface t1-0/0/0;
                    }
                    then {
                        count ten-network;
                        discard;
                    }
                }
                term two {
                    from {
                        forwarding-class assured-forwarding;
                    }
                    then discard;
                }
            }
        }
    }
    interfaces {
        t1-0/0/0 {
            unit 0 {
                family inet {
                    policer output sgt-friday;
                    filter input test;
                }
            }
        }
    }
  3. Merge the configuration into your routing platform configuration by issuing the load merge terminal configuration mode command:
    [edit]
    user@host# load merge terminal
    [Type ^D at a new line to end input]
    > Paste the contents of the clipboard here<
    1. At the prompt, paste the contents of the clipboard using the mouse and the paste icon.
    2. Press Enter.
    3. Press Ctrl+d.
  4. Issue the commit command. When you issue the commit command, the following output appears: 
    [edit]
    user@host# commit

    [edit firewall family inet filter test]
        warning: filter is missing final 'then accept' rule
    commit complete
  5. Issue the show firewall command. The following output appears: 
    [edit]
    user@host# show firewall

    policer sgt-friday {
        if-exceeding {
            bandwidth-percent 10;
            burst-size-limit 250k;
        }
        then discard;
    }
    family inet {
        filter test {
            term one {
                from {
                    interface t1-0/0/0;
                }
                then {
                    count ten-network;
                    discard;
                }
            }
            term two {
                from {
                    forwarding-class assured-forwarding;
                }
                then {
                    discard;
                }
            }
    		
term very-last {

    
			then accept; /* This term was added by a commit script */
            }
        }
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.