[j-nsp] Problems when filtering ip addresses in Juniper
Stacy W. Smith
stacy at acm.org
Fri Dec 30 12:40:03 EST 2005
On Dec 30, 2005, at 1:13 AM, Gökhan Gümüş wrote:
> Hi all,
>
> I have a problem about filtering ip addresses in JUNOS.I want to set a
> filter like that:
>
> firewall {
> filter kuyrugu_adrese_atamak_icin {
> term 1 {
> from {
> -------------------------> i want to match this ip
> address "10.10.x.90" |
>
> then {
> forwarding-class voice;
> accept;
>
> * I want to match only first,second,fourth digit in this is
> address.I dont
> care about thirth digit.In cisco we can make this with wildcard
> mask..Is
> there any command in JUNOS which solve my problem?
[edit firewall filter example term first]
lab at j6300# show
from {
address {
10.10.0.90/255.255.0.255;
}
}
On a separate note, I highly suggest you use the destination-address
and/or source-address match conditions instead of the address match
condition. The address match condition can have some unexpected
results as discussed in the documentation.
--Stacy
More information about the juniper-nsp
mailing list