ip-action

Syntax

ip-action {(ip-block | ip-close | ip-notify);log;target (destination-address | service | source-address | source-zone | zone-service);timeout seconds;}

Hierarchy Level

[edit security idp idp-policy policy-name rulebase-ips rule rule-name then]

Release Information

Statement introduced in Release 9.2 of Junos OS.

Description

Specify the actions you want IDP to take against future connections that use the same IP address.

Options

The remaining statements are explained separately.

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide.

Note: For ICMP flows, the destination port is 0; therefore, any ICMP flow matching source port, source address, and destination address is blocked.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.