rule (Security Exempt Rulebase)
Syntax
rule rule-name {
description text;
match (Security IDP Policy) {
attacks (Security IPS Rulebase) {
custom-attack-groups [attack-group-name];
custom-attacks [attack-name];
dynamic-attack-groups [attack-group-name];
predefined-attack-groups [attack-group-name];
predefined-attacks [attack-name];
}
destination-address (Security IDP Policy) ([address-name] | any | any-ipv4 | any-ipv6);
destination-except [address-name];
from-zone (zone-name | any );
source-address ([address-name] | any | any-ipv4 | any-ipv6);
source-except [address-name];
to-zone (zone-name | any);
}
}
Hierarchy Level
[edit security idp idp-policy policy-name rulebase-exempt]
Description
Specify exempt rule to create, modify, delete, and reorder the rules in a rulebase.
Options
rule-name—Name of the exempt rulebase rule.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.2.