Andrew Thrift
2018-07-02 05:32:21 UTC
Hello List,
So I have been using nested firewall filters for a long time now in the
format of:
term v4-accept-bgp {
filter v4-accept-bgp;
}
from a parent filter statement. This then calls the "v4-accept-bgp"
filter.
Recently I thought, I wonder if I can do this with policy-statements to
group some common functions into classes and then call them from a master
policy-statement per peer type. This would reduce double entry, simplify
the import/export statement per peer, and reduce the chance of human
error. I googled around for a bit, and re-read the doc's but I cannot
find a way to achieve this.
Is this possible, or am I am being too wishful ?
Regards,
Andrew
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
So I have been using nested firewall filters for a long time now in the
format of:
term v4-accept-bgp {
filter v4-accept-bgp;
}
from a parent filter statement. This then calls the "v4-accept-bgp"
filter.
Recently I thought, I wonder if I can do this with policy-statements to
group some common functions into classes and then call them from a master
policy-statement per peer type. This would reduce double entry, simplify
the import/export statement per peer, and reduce the chance of human
error. I googled around for a bit, and re-read the doc's but I cannot
find a way to achieve this.
Is this possible, or am I am being too wishful ?
Regards,
Andrew
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp