Betr.: [j-nsp] Wrong order of terms in a firewall filter after
commit?
bart.teunis at imtech.nl
bart.teunis at imtech.nl
Wed Aug 13 14:48:15 EDT 2003
Hi Matti,
Junos will always handle the filters top down so in your example they will
be processed as term1 -> term2 -> term3 unless the action is pointing to
another
defined term
If you please a dummy without any action this will be ignored.........
If you like to insert an term somewhere inbetween tow others you can use
insert <term> before/after <term>
Met vriendelijke groet
Bart Teunis
|---------+----------------------------------->
| | Matti Saarinen |
| | <mjs at cc.tut.fi> |
| | Verzonden door: |
| | juniper-nsp-bounces at puck|
| | .nether.net |
| | |
| | |
| | 08/13/2003 08:33 AM |
| | |
|---------+----------------------------------->
>------------------------------------------------------------------------------------------------------------|
| |
| Aan: juniper-nsp at puck.nether.net |
| cc: |
| Onderwerp: [j-nsp] Wrong order of terms in a firewall filter after commit? |
>------------------------------------------------------------------------------------------------------------|
Am I able to deduce the order of the terms in a certain firewall
filter when I look at the order the counters are displayed in the
output of the "show firewall filter"? At the moment, I believe I am
able to do so.
What I mean is this.
If I issue the comman show firewall filter xyz and I see something
like this:
Filter: xyz
Counters:
Name Bytes Packets
counter3
counter1
counter2
and if I have configured the filter xyz in a following way
term1 {
from { ...
}
then {
count counter1;
}
}
term2 {
from { ...
}
then {
count counter2;
}
}
term3 {
from { ...
}
then {
count counter3;
}
}
do I conclude correctly that the firewall terms are processed in the
following order: term3, term1 and term2?
If I insert the following "dummy" term between terms term2 and term3
term dummy {
then next term;
}
the output of the show firewall filter xyz command changes to:
Filter: xyz
Counters:
Name Bytes Packets
counter1
counter2
counter3
If I now conclude that the processing order of the terms is term1,
term2 and term3, am I right?
The router in question is running JUNOS 5.7, the July 11th service
release.
--
- Matti -
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list