Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring Default Reject Rules with IP Options

This topic describes how to configure default reject rules with IP options. The IP options enable the device to either block any packets with loose or strict source route options or detect such packets and then record the event in the counters list for the ingress interface.

  1. Before you begin, log in with your root account to an SRX Series Firewall running Junos OS Release 22.2R1.

Note:

You can enter the configuration commands in any order and commit all the commands at once.

To configure the default reject rules with IP options:

  1. Configure the screen features to enable IP options.
  2. Specify the name of the security zone and the IDS option object applied to the zone.