[j-nsp] EX Feedback

Chris Morrow morrowc at ops-netman.net
Tue Jul 28 08:51:12 EDT 2009



On Tue, 28 Jul 2009, Chuck Anderson wrote:

> On Tue, Jul 28, 2009 at 09:28:04AM +0000, Chris Morrow wrote:
>>
>>
>> On Tue, 28 Jul 2009, Michel de Nostredame wrote:
>>
>>> As for EX4200, does anyone able to config firewall filter that matches
>>> "established" flag of TCP?
>>> We are using EX4200 with JUNOS 9.3R2.8, but not able to do this matching.
>>
>> I think (based on a bug report) you need 9.5<something> which was  turned
>> out 6/9/2009.... You can't do policing though (on the loopback) yet, and
>> some types of matches don't work (source-prefix-list,
>> destination-prefix-list)
>
> I'm using source-prefix-list on a lo0 Routing Engine firewall filter
> on 9.5R2.7 and it appears to be working fine.  I'm not doing

ah cool, they added source-prefix (at least) to 9.5... maybe in 10 we get 
a 'normal' firewall-filter capability on this device.


More information about the juniper-nsp mailing list