[j-nsp] Filtering and policer examples

Jonathan Disher jdisher at macrovision.com
Wed Dec 28 18:51:02 EST 2005

I have been working on some filters for our edge router, and could use
some assistance.  We have a high-risk externally-available resource that
I'd like to filter outside traffic to, which I have somewhat of a handle
on, but I'd also like to apply some rate limiting policers to it as
well.  Does anyone have any resources (besides the Policy Framework
Configuration Guide, which I've been reading) for writing firewall
filters and traffic policers?  Examples would be even better.

What I am trying to do is discard all traffic to a single address,
except for a small range of tcp ports.  All other traffic traversing the
filtered interfaces should be allowed to pass uninterrupted.

Thanks for any help.

--Jonathan Disher, Senior Systems and Network Engineer
--Macrovision Corporation, Santa Clara, CA
--[w] +1.408.562.8524 | [m] +1.408.829.2956 | [e]
jdisher at macrovision.com

More information about the juniper-nsp mailing list