firewall filter family vs no family

Luca · ‎06-11-2009

On a SRX is there any difference between:

set firewall filter blah

and

set firewall family inet filter blah

I think they are the same, since the help menu show this:

ninefoldadmin@sydiprefwl01# set firewall ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> family               Protocol family
> filter               Define an IPv4 firewall filter

and

set firewall family ?
Possible completions:
> any                  Protocol-independent filter
> ccc                  Protocol family CCC for firewall filter
> inet                 Protocol family IPv4 for firewall filter

the options in each seem to be the same.... thoughts?

mhariry · ‎06-01-2011

Hi In old junos versions it was just firewall filter after that it is added family to apply filter in more families like MPLS that's why they added family inet as well. Regarding your question yes you are correct both will give you same result Regards, Mohamed

muhammad_amin · ‎11-11-2009

I think if it's using family there is many option to filter IPv4, v6 etc

erdems · ‎12-30-2008

Hi there,

JUNOS defaults to family inet in firewall filters, so[edit firewall filter blah] and [edit firewall family inet filter blah] will return the same results as you've noticed.

Cheers,

____________________________________________
If you think your question's answered, please
mark the respective post as "Accepted Solution".

Kudos are an excellent way of showing appreciation, too.

firewall filter family vs no family

Re: firewall filter family vs no family

Re: firewall filter family vs no family

Re: firewall filter family vs no family