Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. nsp>
  3. juniper
Wrong order of terms in a firewall filter after commit?
mjs at cc
Aug 13, 2003, 2:53 AM
Post #1 of 1 (370 views)
Permalink
Am I able to deduce the order of the terms in a certain firewall
filter when I look at the order the counters are displayed in the
output of the "show firewall filter"? At the moment, I believe I am
able to do so.

What I mean is this.

If I issue the comman show firewall filter xyz and I see something
like this:

Filter: xyz
Counters:
Name Bytes Packets
counter3
counter1
counter2


and if I have configured the filter xyz in a following way


term1 {
from { ...
}
then {
count counter1;
}
}
term2 {
from { ...
}
then {
count counter2;
}
}
term3 {
from { ...
}
then {
count counter3;
}
}


do I conclude correctly that the firewall terms are processed in the
following order: term3, term1 and term2?



If I insert the following "dummy" term between terms term2 and term3

term dummy {
then next term;
}

the output of the show firewall filter xyz command changes to:

Filter: xyz
Counters:
Name Bytes Packets
counter1
counter2
counter3

If I now conclude that the processing order of the terms is term1,
term2 and term3, am I right?


The router in question is running JUNOS 5.7, the July 11th service
release.

--
- Matti -

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal