Versions Compared

Old Version 1

changes.mady.by.user Jean-luc KRIKER

Saved on

compared with

New Version 2

changes.mady.by.user Jean-luc KRIKER

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


EX can only count packet sent to the kernel ( BCM limitation )

https://kb.juniper.net/InfoCenter/index?page=content&id=KB16185



jlk@ex4600-1# show | display set
set firewall family ethernet-switching filter inputethfilter term first then count inputethcounter
set firewall family ethernet-switching filter outputethfilter term first then count outputethcounter


jlk@ex4600-1> show configuration interfaces ge-0/0/1.456 | display set
set interfaces ge-0/0/1 unit 456 vlan-id 456
set interfaces ge-0/0/1 unit 456 family ethernet-switching filter input inputethfilter
set interfaces ge-0/0/1 unit 456 family ethernet-switching filter output outputethfilter


filter for IP:

set firewall filter dasad term sdasd from source-address 0.0.0.0/0
set firewall filter dasad term sdasd then count mycounter


set interfaces ge-0/0/1 unit 456 family inet filter input dasad