[j-nsp] filtering ip-options: record-route

• Next message: Stephen Gill: "RE: [j-nsp] cflowd sampling"
• Previous message: Greg Ketell: "Re: [j-nsp] cflowd sampling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Has anyone had any success in filtering the "record-route" option in IP
packets?
 
According to the documentation:
http://www.juniper.net/techpubs/software/junos50/swconfig50-interfaces/h
tml/firewall-config15.html
and
http://www.juniper.net/techpubs/software/junos50/swconfig50-interfaces/h
tml/firewall-config13.html
 
you should be able to filter with the "record-route" flag such as:
 
term match-rr {
         from {
             ip-options record-route;
         }
         then {
             count record-route;
             accept;
         }
     }
 
But a commit yields: "record-route" is not a valid IP option keyword.
 
Using the numeric value of seven (7) instead of the key-word, the parser
accepts it, but does RR packets don't seem to match the filter.
 
What gives?
 
-- steve

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

• Next message: Stephen Gill: "RE: [j-nsp] cflowd sampling"
• Previous message: Greg Ketell: "Re: [j-nsp] cflowd sampling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:37 EDT