[j-nsp] Filters and Logging

Alastair Galloway ag at a.co.nz
Fri Feb 25 04:14:30 EST 2005



Hi Peder,

| -----Original Message-----
| From: juniper-nsp-bounces at puck.nether.net
| [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
| info at beprojects.com
|
| OK, this is going to sound dumb, but I can't figure out where my
| J2300 is logging denied packets. If I set up a filter with the
| following:
|
| filter SAMPLE {
| [snip]
|     term DENYALL {
|         then {
|             count DENYCOUNT;
|             log;
|             discard;
|         }
|     }
| }
|
| It works the way it should, but I can't find the denied packets. I
| check "show firewall log" and I see a bunch of packets with A
| (accept), which I am not logging, but I don't see any denied packets.

This one caught me out once, until I noticed this line in the documentation:

~        discard - The packet is not accepted and is not processed
~                  further. Discarded packets cannot be logged or
~                  sampled.

I found it in the JUNOS 6.1 documentation but happily the URL is the
same for 7.1 - just changing the 6 to a 7 finds it:
http://www.juniper.net/techpubs/software/junos/junos71/swconfig71-policy/html/firewall-config8.html#1014076


Cheers,

Alastair Galloway
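
A small lint for the documentation caveat quoted in this reply, added here as an example and not part of the original post or of any Juniper tooling: it flags filter terms whose `then` actions pair `discard` with `log` or `sample`. The parser is a simplified brace tokenizer (an assumption, not the JUNOS grammar), and the ALLOW-SSH term in the sample is constructed.

```python
import re

# Actions the quoted documentation says are lost on discarded packets.
LOST_ON_DISCARD = {"log", "sample"}

def parse_terms(config):
    """Map (filter, term) -> set of 'then' actions in brace-style filter text."""
    stack, words, terms = [], [], {}
    for tok in re.findall(r"[{};]|[^\s{};]+", config):
        if tok == "{":
            stack.append(words or ["?"])   # block header, e.g. ["term", "DENYALL"]
            words = []
        elif tok == "}":
            if stack:
                stack.pop()
            words = []
        elif tok == ";":
            names = {b[0]: b[1] for b in stack if len(b) > 1}
            term = names.get("term")
            in_then = bool(stack) and stack[-1][0] == "then"
            # Accept both "then { log; }" and the one-line "then log;" form.
            action = None
            if in_then and words:
                action = words[0]
            elif len(words) > 1 and words[0] == "then":
                action = words[1]
            if term and action:
                key = (names.get("filter", "?"), term)
                terms.setdefault(key, set()).add(action)
            words = []
        else:
            words.append(tok)
    return terms

def find_unlogged_discards(config):
    """Return (filter, term, lost_actions) where log/sample sits beside discard."""
    findings = []
    for (filt, term), actions in sorted(parse_terms(config).items()):
        lost = sorted(actions & LOST_ON_DISCARD)
        if "discard" in actions and lost:
            findings.append((filt, term, lost))
    return findings

# Constructed sample: DENYALL is the term from the post, ALLOW-SSH is made up.
SAMPLE = """
filter SAMPLE {
    term ALLOW-SSH { from { protocol tcp; } then accept; }
    term DENYALL { then { count DENYCOUNT; log; discard; } }
}
"""
```

Calling `find_unlogged_discards(SAMPLE)` reports the DENYALL term with `log` as the affected action.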



