match (Security IDP Policy)
Syntax
match {
attacks (Security Exempt Rulebase) {
custom-attack-groups [attack-group-name];
custom-attacks [attack-name];
dynamic-attack-groups [attack-group-name];
predefined-attack-groups [attack-group-name];
predefined-attacks [attack-name];
}
destination-address (Security IDP Policy) ([address-name] | any | any-ipv4 | any-ipv6);
destination-except [address-name];
from-zone (Security IDP Policy) (zone-name | any );
source-address (Security IDP Sensor Configuration) ([address-name] | any | any-ipv4 | any-ipv6);
source-except [address-name];
to-zone (Security IDP Policy) (zone-name | any);
}
Hierarchy Level
[edit security idp idp-policy policy-name rulebase-exempt rule rule-name] [edit security idp idp-policy policy-name rulebase-ips rule rule-name]
Description
Specify the rules to be used as match criteria.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.2.