Table 80: Bridge Family Firewall Filter Action Fields for ACX Series Routers
DescriptionAction Field
Accept the packetaccept
Count the packet in the named countercount
Discard the packetdiscard
Classify packet to forwarding classforwarding-class
Packet’s loss priorityloss-priority
Log the packet header information in a buffer within the Packet
Forwarding Engine. You can access this information by issuing
the show firewall log command at the command-line interface
(CLI).
log
Name of policer to use to rate-limit trafficpolicer
Log the packet to the system log file.syslog
Police the packet using a three-colo-policerthree-color-policer
NOTE: Bridge family firewall filters can be applied as an output filter on Layer
2 interfaces. When the Layer 2 interface is on a bridge-domain configured
with the vlan-id statement, ACX series routers can match the outer-vlan of
the packet using the user vlan-id match specified in the bridge family firewall
filter.
Related
Documentation
show firewall•
• clear firewall
• interface-specific (Firewall Filters)
Firewall Filter Match Conditions for VPLS Traffic
In the from statement in the VPLS filter term, you specify conditions that the packet must
match for the action in the then statement to be taken. All conditions in the from
statement must match for the action to be taken. The order in which you specify match
conditions is not important, because a packet must match all the conditions in a term
for a match to occur.
If you specify no match conditions in a term, that term matches all packets.
An individual condition in a from statement can contain a list of values. For example, you
can specify numeric ranges. You can also specify multiple source addresses or destination
Copyright © 2017, Juniper Networks, Inc.1070
ACX Series Universal Access Router Configuration Guide
To Next Page
Loading...
Need help?
General
