[j-nsp] How to rate limit ftp traffic

Hannes Gredler hannes at juniper.net
Sat Jun 14 09:09:53 EDT 2003


On Fri, Jun 13, 2003 at 05:00:58PM -0400, hhadiwinoto at hotpop.com wrote:
| Hi all,
| 
| i have simple question related with rate limit ftp traffic. i want to limit
| all the ftp traffic out of my networks..
| 
| i have configured rate-limit as below,
| 
| from {
|     protocol tcp;
|     source-port [ ftp-data ftp ];
| }
| then {
|     policer ftp-500k;
|     count policer-ftp;
| 
| but it didnt work since most the ftp servers use passive mode which use
| port greater than 1024. any helps will be appreciated.

use port instead of source-port; port implies source-port OR destination-port

/hannes


More information about the juniper-nsp mailing list