[j-nsp] 14.2 trio flexible firewall matching?
Michael Hare
michael.hare at wisc.edu
Thu Sep 24 10:34:44 EDT 2015
I'm wondering if anyone on list has tried this or gotten decent caveat information on this feature. I intend to lab it but haven't gotten around to it yet.
http://www.juniper.net/documentation/en_US/junos14.2/topics/concept/firewall-filter-flexible-match-conditions-overview.html
Some things I wanted to explore;
* Matching ethernet dst addr bit 8 to count/police ethernet multicast
* Poor man's DNS reflection firewall (counting/policing DNS ANY attempts, aka fkfkfkfz.guru lookups)
-Michael
More information about the juniper-nsp
mailing list