EasyManuals Logo

Juniper E320 User Manual

Juniper E320
212 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #32 background imageLoading...
Page #32 background image
JUNOSe 7.2.x Policy Management Configuration Guide
16 ! Creating Classifier Control Lists
! Use the protocol option to match a specific protocol number and specify
protocol attributes:
! icmpv6—ICMP type and code
! tcpTCP protocol attributes, such as source and destination port, and
source and destination TCP operator and port
! udp—UDP protocol attributes, such as source and destination port
! For TCP and UDP, use the portQualifier option to specify a single port or a range
of source or destination ports. The portQualifier option is composed of:
! portNumber—Single port number or the beginning of a range of port
numbers
! toPortNumber—End of a range of port numbers
! portOperator—One of the following:
" eq—equal to
" lt—less than
" gt—greater than
" neq—not equal to
" range—range of ports
For example, the following command matches packets from port 75:
host1(config)#ipv6 classifier-list YourListName udp destination-port eq 75
! For TCP, use the tcp-flags keyword and a logical equation (a quotation-enclosed
string using ! for NOT, & for AND) to match one or more of the following TCP
flags: ack, fin, psh, rst, syn, urg. For example:
host1(config)#ipv6 classifier-list telnetConnects tcp destination-port eq 23
tcp-flags "syn & !ack"
! For ICMPv6, use the icmp-type option to specify the icmpType and icmpCode
parameters:
! icmpType—ICMP message type; in the range 0–255
! icmpCode—ICMP message code; in the range 0–255
For example, the following command matches ICMPv6 packets with an ICMP
type of 3 and code of 6:
host1(config)#ipv6 classifier-list listname icmpv6 icmp-type 3 icmp-code 6
! Use the following keywords to configure classification to match route-class
values:
! source-route-class—Classifies on packets associated with a route class
based on the packet’s source address; route-class range is 0–255; default is
0.
! destination-route-class—Classifies on incoming packets associated with a
route class based on the packet’s destination address; route-class range is
0–255; default is 0.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Juniper E320 and is the answer not in the manual?

Juniper E320 Specifications

General IconGeneral
BrandJuniper
ModelE320
CategoryNetwork Router
LanguageEnglish

Related product manuals