[j-nsp] Filter odd and even ip address in JUNOS -- configuration revised

Kae Hsu kae at du.net.tw
Wed Feb 8 03:10:40 EST 2006 

Dear all:

After testing, I had to revise the command I wrote before;
Comparing with IOS, the care and don't care bit is reverse in JUNOS.
The correct configuration to isolate odd and even IP address should be:

{master}[edit firewall family inet filter test]
cn at LAB-M40e# show
/* Filter source IP address with odd host number in 192.168.10.0/24 */
term 1 {
      from {
          source-address {
              192.168.10.1/255.255.255.1;
          }
      }
}
/* Filter source IP address with even host number in 192.168.10.0/24 */
term 2 {
      from {
          source-address {
              192.168.10.0/255.255.255.1;
          }
      }
}

{master}[edit firewall family inet filter test]
cn at LAB-M40e#



Best Regards,

Kae Hsu
Communication Network Dept.
Digital United Inc. (AS4780)
http://www.digitalunited.com/


Kae Hsu wrote:
> I got the answer from user guide,
> It is allowed to use wildcard bits style address in filter filter:
> 
> {master}[edit firewall family inet filter test]
> cn at LAB-M40e# show
> /* Filter source IP address with odd host number in 192.168.10.0/24 */
> term 1 {
>      from {
>          source-address {
>              192.168.10.1/0.0.0.254;
>          }
>      }
> }
> /* Filter source IP address with even host number in 192.168.10.0/24 */
> term 2 {
>      from {
>          source-address {
>              192.168.10.0/0.0.0.254;
>          }
>      }
> }
> 
> {master}[edit firewall family inet filter test]
> cn at LAB-M40e#
> 
> 
> Best Regards,
> 
> Kae Hsu
> Communication Network Dept.
> Digital United Inc. (AS4780)
> http://www.digitalunited.com/
> 
> 
> Kae Hsu wrote:
> 
>>Dear all:
>>
>>Does anyone have idea in this issue?
>>OR I can't find this feature in current JUNOS release?
>>Any opinion is welcome, thanks!!!
>>
>>
>>Best Regards,
>>
>>Kae Hsu
>>Communication Network Dept.
>>Digital United Inc. (AS4780)
>>http://www.digitalunited.com/
>>
>>
>>Kae Hsu wrote:
>>
>>
>>>Hello guys:
>>>
>>>In IOS command we can use wildcard bits to accomplish this goal;
>>>For example I can use
>>>access-list 1 permit ip 192.168.10.1 0.0.0.254
>>>to filter "odd" addresses and
>>>access-list 2 permit ip 192.168.10.0 0.0.0.254
>>>to filter "even" addresses from 192.168.10/24
>>>
>>>Could I have a equivalence command(S) in JUNOS??
>>>
>>
>>_______________________________________________
>>juniper-nsp mailing list juniper-nsp at puck.nether.net
>>http://puck.nether.net/mailman/listinfo/juniper-nsp
>>
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list