[j-nsp] solution to a firewall question

Vijesh Chandran vijesh at juniper.net
Thu Apr 23 13:12:00 EDT 2015

No subsequent term will be considered if a packet matches a term condition. Thats the problem here.

Combining both may not work here I would think.

From: Alexander Arseniev <arseniev at btinternet.com>
Sent: Thursday, April 23, 2015 9:56 AM
To: Vijesh Chandran; juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] solution to a firewall question

"next term" does not work across member filters in a filter list last time I checked.
So You have to combine/move these 2 functionalities into a single filter, which could be a member of filter-list.

On 23/04/2015 16:18, Vijesh Chandran wrote:

Hi all,
  I am wondering if we have a solution to this issue.
  I need two firewall attached to an interface as input-list. e.g.: f1 and f2.
  Input-list [f1 f2]
  f1 to match a condition (all tcp port 80) and accept and count that packet.
  f2 to classify those packets based on code points and push to a forwarding class. Is this possible?


juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>

More information about the juniper-nsp mailing list