[j-nsp] filtering ssh session from list of source ip address

Erik Sundberg sunder at appscorp.net
Mon Jan 3 12:23:39 EST 2005


Hello,

How would i go about filtering the source of a ssh session to a m40, from a
list of subnets. I have create a firewall policy, but i don't know to apply
to all ssh sessions, without putting a poilcy on each interface.

I don't need to limit the number ssh of connections/session to the m40

m40, junos 5.7, scb Internet process II

this is the policy that i created

filter ssh-local {
    term 10 {
        from {
            source-address {
			192.168.0.0/24
			192.168.1.0/24
            }
        }
        then accept;
    }
    term 50 {
        then {
            discard;
        }
    }
}


Thanks in advance

erik





More information about the juniper-nsp mailing list