rule (Services Stateful Firewall)
Syntax
rule rule-name {
match-direction (input | output | input-output);
term term-name {
from {
application-sets set-name;
applications [ application-names ];
destination-address (address | any-ipv4 | any-ipv6 | any-unicast) <except>;
destination-address-range low minimum-value high maximum-value <except>;
destination-prefix-list list-name <except>;
source-address (address | any-ipv4 | any-ipv6 | any-unicast) <except>;
source-address-range low minimum-value high maximum-value <except>;
source-prefix-list list-name <except>;
}
then {
(accept <skip-ids>| discard | reject);
syslog;
}
}
}
Hierarchy Level
[edit services stateful-firewall], [edit services stateful-firewall rule-set rule-set-name]
Description
Specify the rule the router uses when applying this service.
Options
rule-name—Identifier
for the collection of terms that constitute this rule.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.