Configuring Dynamic Firewall Filter Services for Use in Dynamic Profiles
Firewall filters provide rules that define whether to permit or deny packets that are transiting an interface on a router. You can configure firewall filters for use in dynamic profiles. After you configure dynamic firewall filters, you can specify which filters you want to apply to subscriber interfaces using a dynamic profile.
To create a firewall filter:
- Create and name a firewall filter.[edit]user@host# edit firewall filter fw_fltr_af41
- Specify the filter to be interface specific.[edit firewall filter fw_fltr_af41]user@host# set interface-specific
- Edit a first term for the firewall filter.[edit firewall filter fw_fltr_af41]user@host# edit firewall filter fw_fltr_af41 term 1
- Set the from match condition.[edit firewall filter fw_fltr_af41 term 1]user@host# set from dscp af41
- Set the then action to take when a match occurs.[edit firewall filter fw_fltr_af41 term 1]user@host# then count c2 accept
- Edit a second term for the firewall filter.[edit firewall filter fw_fltr_af41]user@host# edit firewall filter fw_fltr_af41 term 2
- Set the then action to take when a match occurs
for term 1.[edit firewall filter fw_fltr_af41 term 1]user@host# then accept
- Apply the dynamic firewall filter to interfaces using
a dynamic profile.
See Configuring a DHCP Dynamic Profile for the Triple Play Solution.
Related Topics
- Configuring Top-Level Broadband Subscriber Management Elements
- Dynamic Firewall Filters Overview
- Dynamic Profiles Overview
- Junos Policy Framework Configuration Guide
