Juniper Networks J-Series User Manual

Page 282

Advertising
background image

1.

Navigate to the top of the configuration hierarchy in either the J-Web or CLI
configuration editor.

2.

Perform the configuration tasks described in Table 136 on page 260.

3.

If you are finished configuring the router, commit the configuration.

4.

To check the configuration, see “Verifying Packet Capture” on page 263.

Table 136: Configuring a Firewall Filter for Packet Capture

CLI Configuration Editor

J-Web Configuration Editor

Task

From the

[edit]

hierarchy level, enter

edit firewall

1.

In the J-Web interface, select
Configuration>View and Edit>Edit
Configuration.

2.

Next to Firewall, click Configure or
Edit.

Navigate to the Firewall level in the
configuration hierarchy.

Set the filter and term name, and define
the match condition and its action.

set firewall filter dest-all term dest-term from

destination-address 192.168.1.1/32

set firewall filter dest-all term dest-term then

sample accept

1.

Next to Filter, click Add new entry.

2.

In the filter name box, type

dest-all

.

3.

Next to Term, click Add new entry.

4.

In the Rule name box, type

dest-term

.

5.

Next to From, click Configure.

6.

Next to Destination address, click
Add new entry.

7.

In the Address box, type

192.168.1.1/32

.

8.

Click OK until you return to the
Configuration page.

Define a firewall filter

dest-all

and a

filter term—for example,

dest-term

—to capture packets with a

particular destination address—for
example,

192.168.1.1/32

.

Enter

set interfaces fe-0/0/1 unit 0 family inet

filter output dest-all

In the configuration editor hierarchy,
select Interfaces.

Navigate to the Interfaces level in
the configuration hierarchy.

1.

In the Interface name box, click
fe-0/0/1.

2.

In the Interface unit number box,
click 0.

3.

Next to Inet, select Yes, and click
Edit.

4.

Next to Filter, click Configure.

5.

In the Output box, type

dest-all

.

6.

Click OK until you return to the
Interfaces page.

Apply the

dest-all

filter to all the

outgoing packets on the
interface—for example,

fe-0/0/1.0

.

(See the interface naming
conventions in the J-series Services
Router Basic LAN and WAN Access
Configuration Guide.)

260

Configuring Packet Capture with a Configuration Editor

J-series™ Services Router Administration Guide

Advertising
See also other documents in the category Juniper Networks Hardware: