Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

family (Firewall)

Syntax

family family-name {filter filter-name {accounting-profile name;enhanced-mode;interface-specific;physical-interface-filter;}prefix-action name {count;destination-prefix-length prefix-length;policer policer-name;source-prefix-length prefix-length;subnet-prefix-length prefix-length;}simple-filter filter-name {term term-name {from {match-conditions;}then {action;action-modifiers;}}}}

Hierarchy Level

[edit firewall],[edit logical-systems logical-system-name firewall]

Release Information

Statement introduced before Junos OS Release 7.4.

Logical systems support introduced in Junos OS Release 9.3.

simple-filter statement introduced in Junos OS Release 7.6.

any family type introduced in Junos OS Release 8.0.

bridge family type introduced in Junos OS Release 8.4 (MX Series routers only).

Statement introduced in Junos OS Release 12.3R2 for EX Series switches.

Description

Configure a firewall filter for IP version 4 (IPv4) or IP version 6 (IPv6) traffic. Only on MX Series routers and EX Series switches, configure a firewall filter for Layer 2 traffic in a bridging environment.

Options

family-name—Version or type of addressing protocol:

  • any—Protocol-independent match conditions.
  • bridge—(MX Series routers only) Layer 2 packets that are part of bridging domain.
  • ethernet-switching—(EX Series switches) Filter Layer 2 (Ethernet) packets and Layer 3 (IP) packets.
  • ccc—Layer 2 switching cross-connects.
  • inet—IPv4 addressing protocol.
  • inet6—IPv6 addressing protocol.
  • mpls—MPLS.
  • vpls—Virtual private LAN service (VPLS).

The remaining statements are explained separately.

Note: The packet lengths that a policer considers depends on the address family of the firewall filter. See Understanding the Frame Length for Policing Packets.

Required Privilege Level

interface—To view this statement in the configuration.

interface-control—To add this statement to the configuration.

 

Related Documentation

 

Published: 2013-07-19

Previous Page Next Page