[j-nsp] Connected Networks in a prefix list ?
Lars Erik Gullerud
lerik at nolink.net
Wed May 26 03:07:56 EDT 2004
On Tue, 2004-05-25 at 20:10, Niels Bakker wrote:
> Can you reference that prefix-list in a firewall entry? (I can't, even
> though "commit check" succeeds, a "commit" bails with a checkout error.)
Hm. It would seem you are right. Tested it a bit more thoroughly now,
and lists with this variant works when called from a firewall term:
apply-path "policy-options policy-statement test-1 term <*> from
route-filter <*>";
(This is how we are using apply-path in our production environment).
However, the variety you want does indeed, as you say, error out when
referenced in a firewall term:
apply-path "interfaces <*> unit <*> family inet address <*>";
My mistake - sorry for the noise.
/leg
More information about the juniper-nsp
mailing list