Table 79: Bridge Family Firewall Filter Match Conditions for ACX Series Routers
DescriptionMatch Condition
Set the groups from which to inherit configuration dataapply-groups
Set which groups will not broadcast configuration dataapply-groups-except
Set the destination MAC addressdestination-mac-address
Match the TCP/UDP destination portdestination-port
Match IP destination prefixes in named list.destination-prefix-list
Match the Differentiated Services (DiffServ) code pointdscp
Match the Ethernet typeether-type
Match a ICMP message codeicmp-code
Match a ICMP message typeicmp-type
Match an interface groupinterface-group
Match an IP destination addressip-destination-address
Match an IP precedence valueip-precedence
Match an IP protocol typeip-protocol
Match an IP source addressip-source-address
Match the learned 802.1p VLAN Prioritylearn-vlan-1p-priority
Match user VLAN ID DEI bitlearn-vlan-dei
Match a learnt VLAN IDlearn-vlan-id
Set the source MAC addresssource-mac-address
Match IP source prefixes in named list.source-prefix-list
Match a TCP/UDP source portsource-port
Match user 802.1p VLAN Priorityuser-vlan-1p-priority
Match a user VLAN IDuser-vlan-id
Match a VLAN Ethernet typevlan-ether-type
Table 80 on page 1070 shows the action fields supported.
1069Copyright © 2017, Juniper Networks, Inc.
Chapter 32: Configuring Firewall Filters
To Next Page
Loading...
Need help?
General
