[j-nsp] Cisco Filter
David Gethings
davidg at pipex.net
Tue Dec 28 14:15:18 EST 2004
On Mon, 2004-12-27 at 10:53 +0000, David Gethings wrote:
> Here's the code:
This time here's the correct code! (I read the permit as a deny):
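firewall {
    filter port135 {
        term permit {
            from {
                source-address {
                    172.16.1.0/24;
                }
                destination-address {
                    172.17.0.0/16;
                }
                protocol tcp;
                /* "port" matches either the source or the destination port */
                port 135;
            }
            then {
                accept;
            }
        }
        /* no "from" clause: matches everything not matched above */
        term default {
            then {
                accept;
            }
        }
    }
}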
If you only want to allow port 135 between these networks then change
the default term from an accept to a discard.
--
Cheers
Dg
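
The following is an added example, not part of the original post: a small Python model of first-match term evaluation for the port135 filter, comparing the default term as posted (accept) with the suggested discard. The sample packets and function names are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Model of the port135 filter from the post. Terms are evaluated in order and
# the first matching term decides; "port" matches source OR destination port.
def build_filter(default_action):
    return [
        {"name": "permit",
         "src": ip_network("172.16.1.0/24"),
         "dst": ip_network("172.17.0.0/16"),
         "proto": "tcp", "port": 135, "action": "accept"},
        {"name": "default", "action": default_action},  # no "from": matches all
    ]

def term_matches(term, pkt):
    if "src" in term and ip_address(pkt["src"]) not in term["src"]:
        return False
    if "dst" in term and ip_address(pkt["dst"]) not in term["dst"]:
        return False
    if "proto" in term and pkt["proto"] != term["proto"]:
        return False
    if "port" in term and term["port"] not in (pkt["sport"], pkt["dport"]):
        return False
    return True

def evaluate(terms, pkt):
    for term in terms:
        if term_matches(term, pkt):
            return term["name"], term["action"]
    return "implicit", "discard"  # Junos discards when no term matches

# Constructed sample packets (not from the post).
PACKETS = {
    "rpc_request": {"src": "172.16.1.10", "dst": "172.17.5.20", "proto": "tcp", "sport": 49152, "dport": 135},
    "rpc_reply":   {"src": "172.17.5.20", "dst": "172.16.1.10", "proto": "tcp", "sport": 135, "dport": 49152},
    "smb":         {"src": "172.16.1.10", "dst": "172.17.5.20", "proto": "tcp", "sport": 49153, "dport": 445},
    "other_net":   {"src": "10.0.0.5", "dst": "172.17.5.20", "proto": "tcp", "sport": 49154, "dport": 135},
}

def compare():
    # Returns {packet name: (action as posted, action with default discard)}.
    as_posted, strict = build_filter("accept"), build_filter("discard")
    return {name: (evaluate(as_posted, p)[1], evaluate(strict, p)[1])
            for name, p in PACKETS.items()}

if __name__ == "__main__":
    for name, (posted, strict) in compare().items():
        print(f"{name:12} as posted: {posted:8} default discard: {strict}")
```

With the default term set to discard, the constructed rpc_reply packet is dropped as well, because the filter is stateless and the permit term only matches 172.16.1.0/24 as the source. That matters if the same filter is applied where it also sees the return traffic.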