SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  difference between firewall filter and firewall family inet filter?

    Posted 10-31-2016 09:14

    I always use the set firewall filter ... command, but I've seen that many people use the set firewall family inet filter ... command, and I cannot see difference between those commands.

     

    I mean, both of them can be used in an in/out interface and, as I see, both of them could have the same match and actions commands...



  • 2.  RE: difference between firewall filter and firewall family inet filter?
    Best Answer

     
    Posted 10-31-2016 10:22

    Both are one and the same :

     

    v4 is the default filter family that is supported 

     

    set firewall ?
    Possible completions:
    + apply-groups Groups from which to inherit configuration data
    + apply-groups-except Don't inherit configuration data from these groups
    > atm-policer Atm policer
    > family Protocol family
    > filter Define an IPv4 firewall filter

     

    The family family-name statement is required only to specify a protocol family other than IPv4. To configure an IPv4 firewall filter, you can configure the filter at the [edit firewall] hierarchy level without including the family inet statement, because the [edit firewall] and [edit firewall family inet] hierarchy levels are equivalent.

     

     

     

     

     

    You can use below link for reference:

     

    http://www.juniper.net/documentation/en_US/junos16.1/topics/concept/firewall-filter-stateless-guidelines-for-configuring.html

     

    Please mark this as accepted solution, if you think it solves your question