Syntax
then {
action;
action-modifiers;
}
Description
Configure a firewall filter action.
Options
| action |
Actions to accept, discard, or forward
packets that match all conditions specified in a filter term.
Starting in Junos OS Release 18.4R1, two new actions – port-mirror and port-mirror-instance – are added for all match conditions,
which enable selective port mirroring of MPLS traffic to a mirrored destination.
The port-mirror action enables port mirroring globally on the device, which
applies to all Packet Forwarding Engines (PFEs) and associated interfaces.
The port-mirror-instance action enables you to customize each instance with
different properties for input sampling and port mirroring output destinations, instead of
having to use a single system-wide configuration for port mirroring.
Note: You can configure only two port mirroring instances per Flexible PIC Concentrator
(FPC) by including the instance port-mirror-instance-name statement at the [edit forwarding-options port-mirror] hierarchy level. You can then associate individual
port mirroring instances with an FPC, PIC, or (Forwarding Engine Board (FEB) depending on
the device hardware.
For both port-mirror and port-mirror-instance actions, the
output interface must be enabled with Layer 2 family and not family MPLS (Layer 3) for the
selective port mirroring feature to work.
|
| action-modifiers |
Additional actions to analyze,
classify, count, or police packets that match all conditions specified in a filter term.
|
Required Privilege Level
firewall—To view this statement in the configuration.firewall-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 11.1.
