firewall
Syntax
firewall {
family family-name {
filter filter-name {
interface-specific;
micro-segmentation;
term term-name {
from {
match-conditions;
}
then {
action;
action-modifiers;
}
}
}
}
policer policer-name {
filter-specific;
if-exceeding {
bandwidth-limit bps;
burst-size-limit bytes;
}
then {
policer-action;
}
}
three-color-policer policer-name {
action {
loss-priority high then discard;
}
single-rate {
(color-aware | color-blind);
committed-information-rate bps;
committed-burst-size bytes;
excess-burst-size bytes;
}
two-rate {
(color-aware | color-blind);
committed-information-rate bps;
committed-burst-size bytes;
peak-information-rate bps;
peak-burst-size bytes;
}
}
}
Hierarchy Level
[edit]
Description
Configure firewall filters and policers.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
firewall—To view this statement in the configuration.firewall-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 11.1.
Option micro-segmentation introduced in Junos OS Release 22.4R1 for supported EX4100, EX4400, EX4650, and QFX5120 Series switches.