The first term matches all packets except for TCP and UDP packets, so only TCP and UDP packets are evaluated by the third term (term test-a-port):
    [edit]
    firewall {
        family inet {
            filter test-filter {
                term all-but-tcp-and-udp {
                    from {
                        protocol-except [tcp udp];
                    }
                    then accept;
                }
                term test-an-address {
                    from {
                        address 192.168/16;
                    }
                    then reject;
                }
                term test-a-port {
                    from {
                        destination-port [ssh dns];
                    }
                    then accept;
                }
                term dump-anything-else {
                    then reject;
                }
            }
        }
    }
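
The first-match evaluation order of test-filter can be traced with a small model. This is an added example, not part of the original page and not Junos code. It assumes the aliases ssh and dns mean ports 22 and 53 and that the address condition matches either the source or the destination address; the packets are constructed samples.

```python
import ipaddress

# Assumption for this example: the aliases ssh and dns stand for ports 22 and 53.
PORTS = {"ssh": 22, "dns": 53}
NET = ipaddress.ip_network("192.168.0.0/16")

def in_net(pkt):
    # Assumption: "address" matches the source or the destination address.
    return any(ipaddress.ip_address(pkt[k]) in NET for k in ("src", "dst"))

# Terms in the order they appear in test-filter: (name, match predicate, action).
TERMS = [
    ("all-but-tcp-and-udp", lambda p: p["proto"] not in ("tcp", "udp"), "accept"),
    ("test-an-address", in_net, "reject"),
    ("test-a-port", lambda p: p.get("dport") in PORTS.values(), "accept"),
    ("dump-anything-else", lambda p: True, "reject"),
]

def evaluate(pkt):
    """Return (term, action) for the first term that matches; later terms are skipped."""
    for name, match, action in TERMS:
        if match(pkt):
            return name, action
    return None, "discard"  # unreachable here: the last term matches everything

def pkt(proto, src, dst, dport=None):
    return {"proto": proto, "src": src, "dst": dst, "dport": dport}

# Constructed sample packets (not captured traffic).
SAMPLES = [
    pkt("icmp", "10.0.0.1", "10.0.0.2"),
    pkt("icmp", "192.168.1.5", "10.0.0.2"),      # accepted before the address term runs
    pkt("tcp", "192.168.1.5", "10.0.0.2", 22),   # rejected before the port term runs
    pkt("tcp", "10.0.0.1", "10.0.0.2", 22),
    pkt("udp", "10.0.0.1", "10.0.0.2", 53),
    pkt("tcp", "10.0.0.1", "10.0.0.2", 80),
]

if __name__ == "__main__":
    for p in SAMPLES:
        term, action = evaluate(p)
        print(f'{p["proto"]:4} {p["src"]:>12} -> {p["dst"]:<9} '
              f'dport={p["dport"]}: {term} ({action})')
```

The second sample shows a consequence of the ordering: non-TCP/UDP traffic from 192.168/16 is accepted by the first term and never reaches test-an-address.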