family (Firewall)
Syntax
family family-name {
filter filter-name {
accounting-profile name;
enhanced-mode;
interface-specific;
physical-interface-filter;
}
prefix-action name {
count;
destination-prefix-length prefix-length;
policer policer-name;
source-prefix-length prefix-length;
subnet-prefix-length prefix-length;
}
simple-filter filter-name {
term term-name {
from {
match-conditions;
}
then {
action;
action-modifiers;
}
}
}
}
Description
Configure a firewall filter for IP version 4 (IPv4) or IP version 6 (IPv6) traffic. Only on MX Series routers and EX Series switches, configure a firewall filter for Layer 2 traffic in a bridging environment.
Options
family-name—Version or type of addressing protocol:
any—Protocol-independent match conditions.
bridge—(MX Series routers only) Layer 2 packets that are part of bridging domain.
ethernet-switching—(EX Series switches) Filter Layer 2 (Ethernet) packets and Layer 3 (IP) packets.
ccc—Layer 2 switching cross-connects.
inet—IPv4 addressing protocol.
inet6—IPv6 addressing protocol.
mpls—MPLS.
vpls—Virtual private LAN service (VPLS).
The remaining statements are explained separately. See CLI Explorer.
The packet lengths that a policer considers depends on the address family of the firewall filter.
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.
Logical systems support introduced in Junos OS Release 9.3.
simple-filter statement introduced in Junos OS Release 7.6.
any family type introduced in Junos OS Release 8.0.
bridge family type introduced in Junos OS Release 8.4 (MX Series routers only).