[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Stateful Firewall Services Configuration Guidelines

To configure stateful firewall services, include the stateful-firewall statement at the [edit services] hierarchy level:

[edit services]
stateful-firewall {
rule rule-name {
match-direction (input | output | input-output);
term term-name {
from {
application-sets set-name;
applications [ application-names ];
destination-address (address | any-unicast) <except>;
destination-address-range low minimum-value high maximum-value <except>;
destination-prefix-list list-name <except>;
source-address (address | any-unicast) <except>;
source-address-range low minimum-value high maximum-value <except>;
source-prefix-list list-name <except>;
}
then {
(accept | discard | reject);
allow-ip-options [ values ];
syslog;
}
}
}
rule-set rule-set-name {
[ rule rule-names ];
}
}

This chapter contains the following sections:

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]