This filter samples and then passes all traffic. What am I missing ?
filter egress {
term sample {
then sample;
}
term block_reserved {
from {
prefix-list {
egress-filter;
}
}
then {
count privaddrblock;
log;
reject administratively-prohibited;
}
}
term catchall {
then accept;
}
}
prefix-list egress-filter {
0.0.0.0/8;
10.0.0.0/8;
127.0.0.0/8;
169.254.0.0/16;
172.16.0.0/12;
192.0.2.0/24;
192.168.0.0/16;
224.0.0.0/4;
240.0.0.0/5;
248.0.0.0/5;
255.255.255.255/32;
}
From cmartin@gnilinkÕõÅ;
Received: from someone claiming to be
entmail.gnilink.net (entmail.gnilink.net [199.45.47.10])
ÕõÅ;pu
for <juniper-nsp@puck.nether.net>; Tue, 29 May 2001 23:37:11 -040ÕõÅ;en
Received-Date: Tue, 29 May 2001 23:37:11 -0400
Received: by entmail.gnilink.com with InteÕõÅ; M
id <KX9YJVGL>; Tue, 29 May 2001 23:36:15 -0400
Message-ID: <94B9091E1149D411A45C00508BACEB359CDMíÅ;en
To: "'Anthony Pardini'" <tony@pardini.org>, juniper-nspÕõÅ;k.
Subject: RE: [j-nsp] Question about filtering
Date: Tue, 29 May 2001 23:36:05 -0400
MIME-Version: 1.0
X-Mailer:ÕõÅ;er
Content-Type: text/plain;
charset="iso-8859-1"
The first term, 'sample', is matching all ÕõÅ;et
to the filters.
What are you trying to do?
chris
> -----Original Message-----
> From: AnthoÕõÅ;ar
> Sent: Tuesday, May 29, 2001 3:10 PM
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] ÕõÅ;ti
>
>
>
> This filter samples and then passes all traffic. What am I
> missing ?
>
>
> filter egÕõÅ; {
> then sample;
> }
> term block_reserved {
> from {
ÕõÅ;
> egress-filter;
> }
> }
> thenÕõÅ;
> log;
> reject administratively-prohibited;
> ÕõÅ;
>
> term catchall {
> then accept;
> }
> }
>
>
> prefix-list egÕõÅ;-f
> 0.0.0.0/8;
> 10.0.0.0/8;
> 127.0.0.0/8;
> 169.254.0.0/16;
> 172.16.ÕõÅ;12
> 192.168.0.0/16;
> 224.0.0.0/4;
> 240.0.0.0/5;
> 248.0.0.0ÕõÅ;>
> }
>
This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:42 EDT