[j-nsp] preventing DoS attacks
Stefan Fouant
sfouant at gmail.com
Mon Feb 16 20:07:31 EST 2009
On Mon, Feb 16, 2009 at 5:01 PM, Amos Rosenboim <amos at oasis-tech.net> wrote:
> As far as I remember firewall-filters can also combine policers within them
> (not sure about this), so if I understand your requirement correctly, a
> firewall filter on lo0.0 will achieve your goal.
Yes absolutely, you can configure policers as part of a
firewall-filter term using the 'then policer' action condition. This
is useful when you want to limit your policer to certain traffic that
you match in your 'from' stanza. Alternatively, you can apply the
policer to your interface if you simply want to apply a single policer
to all the traffic flowing through a given interface.
--
Stefan Fouant
Yesterday it worked.
Today it is not working.
Windows is like that.
More information about the juniper-nsp
mailing list