Re: setup firewall

• Next message: Dmitri Kalintsev: "Netflow question"
• Previous message: Daniel Golding: "RE: [j-nsp] filtering on prefix length"
• In reply to: Barany: "setup firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

> Now I am working on setup a M40 as a broader router, at the up-stream
> interface, I want to setup a firewall filter. Does anyone have
> experience in setup a similiar thing ? I have configured same thing on
> CIsco product but this is the first time to use Juniper router. I hope
> that you all can share some experience to me.

Attached is an example from one of my routers. There is more stuff
that you can do with it but I have not investigated it.
        --asp

firewall {
    filter ssh {
        term permit {
            from {
                source-address {
                    198.6.255.0/24;
                }
                protocol tcp;
                destination-port [ ssh telnet ];
            }
            then accept;
        }
        term deny {
            from {
                protocol tcp;
                destination-port [ ssh telnet ];
            }
            then {
                count ssh-deny;
                log;
                reject port-unreachable;
            }
        }
        term remainder {
            then accept;
        }
    }
}

• Next message: Dmitri Kalintsev: "Netflow question"
• Previous message: Daniel Golding: "RE: [j-nsp] filtering on prefix length"
• In reply to: Barany: "setup firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:41 EDT