[j-nsp] bit field match condition for firewall filter
Patrick Liu
paliu at nortelnetworks.com
Wed May 5 15:20:35 EDT 2004
Hi,
I am trying to find a way to construct a firewall filter with user-defined
bit field match. The desired bit field match conditions are as follow:
- define a know bit position in packet header (reference point)
- specify the first position of the filtered bit pattern in relation to
reference point
- specify the total length that matches the packet criteria
- specify a minimum and maximum target value to apply to the match criterion
The "IP options" and "tcp-flags" match condition on Juniper don't seem to
able to do what I just describe. Anyone have any tips?
More information about the juniper-nsp
mailing list