[j-nsp] inet forwarding-options filter in a VRF routing-instance
Sorin CONSTANTINESCU
consta at gmail.com
Sat Dec 3 13:10:20 EST 2005
Hi, all.
I need to filter traffic from a specific source inside a vrf
routing-instance. I have an M7i running 7.3R1.5.
The problem is that i don't get any matches on any of the counters.
=== cut here ===
adonay at M7i> show firewall filter filter-vrf-customer
Filter: filter-vrf-customer
Counters:
Name Bytes Packets
counter-customer-deny-1.2.3.4 0 0
counter-filter-vrf-customer-accept 0 0
adonay at M7i>
=== and here ===
Here's my config. Thanks,
=== cut here ===
adonay at M7i# show firewall family inet filter filter-vrf-customer
term 1 {
from {
source-address {
1.2.3.4/32;
}
}
then {
count counter-customer-deny-1.2.3.4;
discard;
}
}
term 2 {
then {
count counter-filter-vrf-customer-accept;
accept;
}
}
[edit]
adonay at M7i#
adonay at M7i# show routing-instances vrf-customer-internet forwarding-options
family inet {
filter {
input filter-vrf-customer;
}
}
[edit]
adonay at M7i#
=== and here ===
--
Sorin CONSTANTINESCU
JNCIS-M, CCNP
consta at gmail.com
More information about the juniper-nsp
mailing list