[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Minimum Firewall Filter Configuration
To configure a firewall filter, you must perform
at least the following tasks:
- Configure firewall filters—To configure firewall
filters, include the family family-name statement and one or more filter statements at the [edit firewall] hierarchy level:
- [edit firewall]
-
family family-name {
-
-
filter filter-name {
-
-
term term-name {
-
- from {
-
match-conditions;
- }
-
- then {
-
action;
-
action-modifiers;
- }
- }
- }
- }
- Apply firewall filters to interfaces—Firewall filters
control local packets to and from the Routing Engine if they are applied
to the loopback interface, lo0. With the Internet Processor
II application-specific integrated circuit (ASIC), firewall filters
can control data packets through the routing platform when they are
applied to an external interface. To have a firewall filter take effect,
you must apply it to an interface by including the filter statement at the [edit interfaces interface-name unit logical-unit-number family family-name] hierarchy level:
- [edit interfaces interface-name unit logical-unit-number family family-name]
- filter {
- input filter-name;
- output filter-name;
- }
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
