Junos OS

hello guys, is this a write one:

set applications application all_tcpx protocol tcp
set applications application all_tcpx source-port 0-65535
set applications application all_tcpx destination-port 25-25
set applications application all_tcpx destination-port 993-993

just get the idea from this link:

http://www.juniper.net/documentation/en_US/junos12.1x46/topics/example/security-custom-application-configuring.html

Thank you for any help.

Hello ,

Your configuration may allow only either one of the 2 destionation port  25 or 993 , if you create this under same term the one will be overwitten by other as below :

application all_tcpx {
    protocol tcp;
    source-port 0-65535;
    destination-port 993-993;
}

Instead , creat with 2 terms like below :

set applications application all_tcpx term 1 protocol tcp
set applications application all_tcpx term 1 source-port 0-65535
set applications application all_tcpx term 1 destination-port 25
set applications application all_tcpx term 2 protocol tcp
set applications application all_tcpx term 2 source-port 0-65535
set applications application all_tcpx term 2 destination-port 993

eg :

root# show applications
application all_tcpx {
    term 1 protocol tcp source-port 0-65535 destination-port 25;
    term 2 protocol tcp source-port 0-65535 destination-port 993;
}

is the keyword term equivalent to the "+" command in netscreen like:

set service "x_ports" protocol tcp src-port 0-65535 dst-port 993-993
set service "x_ports" + tcp src-port 0-65535 dst-port 995-995
set service "x_ports" + tcp src-port 0-65535 dst-port 465-465

Thanks.

Hello ,

Yes , its kind of adding sub hierarchy in the same application . Its used to maintain the same application name , that's all .

Thank you very much for you help, Sam.