Hello,
This is my firewall rule
family ethernet-switching {
filter port1 {
term layer2 {
from {
ether-type arp;
}
then accept;
}
term port1 {
from {
source-address {
192.168.1.0/27;
}
}
then accept;
}
term default-term {
then discard;
}
}
and this is port1 configuration :
ge-0/0/1 {
description "LABEL";
unit 0 {
family ethernet-switching {
vlan {
members vlan1201;
}
filter {
input port1;
}
}
}
}
so my question is right now only 192.168.1.0/27 can send packets to outside and other ip prefixes (such as multicase prefixes) can not send packet towards my router right?
because in brocade when i have apply same acl it does not block multicast prefixes so i want to make sure in juniper all prefixes blocked with this rule except 192.168.1.0/27 ,
my switches are juniper ex4200 48p,
so am i right?
Thanks,