Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


content-filtering (Logical System Security Feature Profile)


Hierarchy Level


Configures the Content Security content-filtering feature for logical systems. The content filtering feature controls file transfers across the gateway by checking traffic against configured filter lists. It evaluates the traffic before all other Content Security features, except Web filtering. You can also configure the default Content Security configuration for content filtering feature profile. If you do not configure any option in the content filtering feature profile, the values configured in the default Content Security configuration are applied.


A license check for the content filtering configuration is performed at the time of commit and provides a warning if a valid license is not installed on the device. Once a valid license is installed on the device then the custom content filtering profile or the default content filtering profile is able to process the traffic. If a license is expired or license is not installed, the content filtering service does not process the traffic.



Protocol block command custom-objects to the content-filtering profile.


Blocks other available content such as exe, http-cookie, java-applet. This is for HTTP only.


Block extensions to the content-filtering profile.


MIME pattern list custom-objects to the content-filtering profile for blocking MIME types.


A message notification to trigger when a content filter is matched.


Protocol permit command custom-objects to the content-filtering profile.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 18.3R1.

Support for configuration in tenant systems introduced in Junos OS Release 19.2R1.