[j-nsp] EX Feedback
Chuck Anderson
cra at WPI.EDU
Tue Jul 28 08:41:04 EDT 2009
On Tue, Jul 28, 2009 at 09:28:04AM +0000, Chris Morrow wrote:
>
>
> On Tue, 28 Jul 2009, Michel de Nostredame wrote:
>
>> As for EX4200, does anyone able to config firewall filter that matches
>> "established" flag of TCP?
>> We are using EX4200 with JUNOS 9.3R2.8, but not able to do this matching.
>
> I think (based on a bug report) you need 9.5<something> which was turned
> out 6/9/2009.... You can't do policing though (on the loopback) yet, and
> some types of matches don't work (source-prefix-list,
> destination-prefix-list)
I'm using source-prefix-list on a lo0 Routing Engine firewall filter
on 9.5R2.7 and it appears to be working fine. I'm not doing
tcp-established, though. I am matching protocols and udp source ports
as well.
More information about the juniper-nsp
mailing list