template (Services URL Filter)
Syntax
template template-name {
client-interfaces [ client-interface-name1 client-interface-name2 ];
disable-url-filtering;
dns-resolution-interval minutes;
dns-resolution-rate seconds;
dns-retries number;
dns-routing-instance dns-routing-instance-name;
dns-server [ ip-address1 ip-address2 ip-address3 ];
dns-source-interface loopback-interface-name;
routing-instance routing-instance-name;
server-interfaces [ server-interface-name1 server-interface-name2 ];
term term-name {
from {
src-ip-prefix [prefix1 prefix2];
dest-port [port1 port2];
}
then {
accept;
custom-page custom-page;
http-status-code http-status-code;
redirect-url redirect-url;
tcp-reset;
}
}
url-filter-database filename
}
Hierarchy Level
[edit services url-filter profile profile-name]
Description
Configure a URL filter template.
Starting
in Junos OS Release 18.3R1, the template statement is deprecated
and has been replaced by the url-filter-template statement.
The template statement is supported for backward compatibility.
Options
template-name |
Name of the template. |
client-interfaces [ client-interface-name1 client-interface-name2 ] |
The list of client-facing logical interfaces (uplink) on which the URL filtering is configured. This option is mandatory. |
disable-url-filtering |
Disables the filtering of HTTP traffic that contains an embedded IP address (for example, http:/10.1.1.1) belonging to a blocklisted domain name in the URL filter database. |
dns-resolution-interval minutes |
DNS resolution time interval in minutes.
|
dns-resolution-rate seconds |
Number of DNS queries per second sent out from the system before initiating further DNS queries.
|
dns-retries number |
Number of retries for a DNS query in case query fails or times out.
|
dns-routing-instance dns-routing-instance-name |
The VRF on which the DNS server is reachable. This option is mandatory. You can use the default routing instance inet.0 or a defined routing instance. |
dns-server [ ip-address1 ip-address2 ip-address3 ] |
One or more IP (IPv4 or IPv6) addresses of DNS servers to which the DNS queries are sent out. This option is mandatory. |
dns-source-interface loopback-interface-name |
The loopback interface for which source IP address is picked for sending DNS queries. This option is mandatory. |
routing-instance routing-instance-name |
The VRF on which URL filtering feature is configured. This option is mandatory. You can use the default routing instance inet.0 or a defined routing instance. |
server-interfaces [ server-interface-name1 server-interface-name2 ] |
Server-facing interfaces to which traffic is destined. This option is mandatory. The list of server-facing logical interfaces (downlink) on which the URL filtering is configured. This option is mandatory. |
url-filter-database filename |
The filename of the URL filter database. The file should be placed in the /var/db/url-filterd directory, but indicate just the filename here and not the full path. |
The remaining statements are explained separately.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 17.2.
disable-url-filtering option introduced in Junos
OS Release 17.2R2 and 17.4R1.