[j-nsp] Applying firewall filter to pfe

Erdem Sener erdems at gmail.com
Mon Apr 17 10:08:12 EDT 2006


Hello,

 Doest anyone know a way to filter/police a source-address and/or
destination-address routerwide?

 I mean, let's assume we have an M series router with a bunch of
interfaces. Let's add a source address 1.2.3.4/32 that we don't want
to transit via any interface over the router.

 Because we're talking about the transit traffic, applying firewall
filter on the loopback interface wouldn't work. I've tried applying a
firewall filter to fxp1, which ended with a commit fail and dcd dump
:)

 any ideas besides applying a firewall filter to _all_ interfaces?

 Thank you,
 Erdem



More information about the juniper-nsp mailing list