[j-nsp] Block port 0 traffic
Brian W. Gemberling
bwgember at ptptech.com
Thu Oct 14 22:43:34 EDT 2004
You can use the from
port 0;
that should match either or, or both.
On Thu, 14 Oct 2004, Randy Bush wrote:
>>>> term deny-port-zero {
>>>> from {
>>>> protocol [ tcp udp ];
>>>> source-port 0;
>>>> destination-port 0;
>>>> }
>>>> then {
>>>> count deny-port-zero;
>>>> sample;
>>>> discard;
>>>> }
>>>> }
>
> my read of the manual sez that this will only match packets
> with BOTH dest and source ports of 0.
>
> i think you need two separate terms.
>
> randy
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list