[j-nsp] filter DNS Recursive MX5 Juniper
cleber at s4networks.com.br
cleber at s4networks.com.br
Sun May 29 20:52:19 EDT 2016
dear good night,
how to configure DNS recursive filter in my MX5 Juniper?
IP DNS: Y.Y.Y.1
authorized network: 10.0.0.0/8
below is configuration, but does not work.
set firewall family inet filter FILTER-DNS term 1 from source-address
10.0.0.0/8
set firewall family inet filter FILTER-DNS term 1 from
destination-address Y.Y.Y.1
set firewall family inet filter FILTER-DNS term 1 from destination-port
53
set firewall family inet filter FILTER-DNS term 1 from protocol udp
set firewall family inet filter FILTER-DNS term 1 from protocol tcp
set firewall family inet filter FILTER-DNS term 1 then accept
set firewall family inet filter FILTER-DNS term 10 from tcp-established
set firewall family inet filter FILTER-DNS term 10 from
destination-address Y.Y.Y.1
set firewall family inet filter FILTER-DNS term 10 then accept
set firewall family inet filter FILTER-DNS term 40 from
destination-address Y.Y.Y.1
set firewall family inet filter FILTER-DNS term 40 then discard
set firewall family inet filter FILTRO-DNS term 50 then accept
by google translator.
thank you for attention.
More information about the juniper-nsp
mailing list