[j-nsp] EX4200 filter buggy?
Charlie Allom
charlie at playlouder.com
Wed Dec 15 09:16:11 EST 2010

Hello. Thanks for all the stories from everyone.

I disabled some pretty nasty (lots of port matches) terms and the issue
went away for a few weeks.

I've just edited this term, by adding an IP to the destination-prefix-list:

[edit firewall family ethernet-switching filter ci_infra]
- term splunk {
- from {
- protocol [ tcp udp ];
- destination-port [ 9997 http 9998 syslog ];
- source-prefix-list {
- trusted_nets;
- }
- destination-prefix-list {
- ci_splunk;
- }
- }
- then accept;
- }
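
Review bot: in the from block, protocol [ tcp udp ] together with destination-port [ 9997 http 9998 syslog ] accepts all four ports on both protocols, which is broader than one rule per service would be (http over UDP is accepted too, for example). Consider one term per protocol, each listing only the ports that protocol actually carries, keeping the same source-prefix-list and destination-prefix-list. Also note that every line shown removes the term and none adds a prefix, so the prefix-list change described above is not visible in this output; it is worth confirming the committed diff is the intended one.
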
And here we are again.. doh.
last pid: 55690; load averages: 1.00, 1.00, 0.84 up 29+03:39:44 14:12:55
112 processes: 5 running, 88 sleeping, 19 waiting
Mem: 203M Active, 21M Inact, 91M Wired, 61M Cache, 110M Buf, 606M Free
Swap:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
832 root 1 129 0 81544K 37152K RUN 36.8H 96.19% pfem

I am waiting for it to calm down again. Do you think splitting the term
into a TCP and UDP version will help?

Regards,
C.
--
+442077294797
http://mediaserviceprovider.com/