See the following sections:
- source {
- match (equal | greater-than
| less-than | not-equal);
- value
hostname ;
- }
- [edit security idp custom-attack attack-name attack-type signature protocol ip]
Statement introduced in Release 9.3 of JUNOS software.
Specify the IP address of the attacking device.
This statement is supported on SRX-series devices.
match (equal | greater-than | less-than | not-equal)—Match an operand.
value host-name —Match an ip-address or a host name.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
- source {
- address-persistent;
-
- pool
pool-name {
- address
ip-address to ip-address
;
- host-address-base ip-address
;
- overflow-pool (interface
| pool-name
);
- port no-translation | range
high ip-address low ip-address ;
- routing-instance routing-instance-name
;
- }
-
- pool-utilization-alarm {
- clear-threshold threshold-value ;
- raise-threshold threshold-value ;
- }
-
- rule-set rule-set-name {
- from interface [interface-name]
|
- routing-instance [routing-instance-name]
| zone [zone-name];
-
- rule
rule-name {
-
- match {
- destination-address [destination-address];
- source-address [source-address];
- }
-
- then {
- source-nat (off | interface
| pool pool-name );
- }
- }
- to interface [interface-name]
|
- routing-instance [routing-instance-name]
| zone [zone-name];
- }
- }
- [edit security nat]
Statement introduced in Release 9.2 of JUNOS software.
Configure source NAT of services gateway, which allows you to configure the following:
This statement is supported on SRX-series devices.
The remaining statements are explained separately.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.