Betr.: [j-nsp] Wrong order of terms in a firewall filter after
commit?
Pekka Savola
pekkas at netcore.fi
Wed Aug 13 19:32:54 EDT 2003
On Wed, 13 Aug 2003 bart.teunis at imtech.nl wrote:
> Junos will always handle the filters top down so in your example they will
> be processed as term1 -> term2 -> term3 unless the action is pointing to
> another
> defined term
[...]
One would think so, but actually that's not the case.
We've even run across bugs caused by improper optimization of terms.
There's even a field alert on one such event.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
More information about the juniper-nsp
mailing list