Creating
a Firewall filter
- Enter into firewall filter mode by creating
a filter with name filter1
- Configure the match-condition
that permit traffic from address 192.168.10.5, and block all other traffic by
creating a term by name term1.
- Create term by name term2 that blocks only the single IP address 196.145.25.5
- Create a term by name term3 that allows traffic from any ip address.
user@R1>configure
[edit]
user@R1#edit firewall family inet filter filter1
[edit firewall family inet filter filter1]
user@R1#set term term1 from source-address 192.168.10.5/24
[edit firewall family inet filter filter1]
user@R1#set term term1 then accept
[edit firewall family inet filter filter1]
user@R1#set term term2 from source-address 196.145.25.5/24
[edit firewall family inet filter filter1]
user@R1#set term term2 then reject
[edit firewall family inet filter filter1]
user@R1#set term term3 then accept
[edit firewall family inet filter filter1]
user@R1#exit
[edit]
[edit]
user@R1#edit firewall family inet filter filter1
[edit firewall family inet filter filter1]
user@R1#set term term1 from source-address 192.168.10.5/24
[edit firewall family inet filter filter1]
user@R1#set term term1 then accept
[edit firewall family inet filter filter1]
user@R1#set term term2 from source-address 196.145.25.5/24
[edit firewall family inet filter filter1]
user@R1#set term term2 then reject
[edit firewall family inet filter filter1]
user@R1#set term term3 then accept
[edit firewall family inet filter filter1]
user@R1#exit
[edit]
No comments:
Post a Comment