Stefan, Processing continues even if there is match and an accept/reject on a preceeding filter.
Jared --- On Tue, 9/16/08, Stefan Fouant <[EMAIL PROTECTED]> wrote: > From: Stefan Fouant <[EMAIL PROTECTED]> > Subject: [j-nsp] EX Series Firewall Filter Configuration > To: "Juniper-Nsp" <juniper-nsp@puck.nether.net> > Date: Tuesday, September 16, 2008, 9:27 AM > Folks, > > I'm curious if anyone here can answer a question about > firewall filter > implementation on the EX Series switches. For input > packets > traversing through the switch, the switch process packets > through the > Port-Based Firewall Filter (PACL), then the VLAN-Based > Firewall Filter > (VACL), and finally the Router-Based Firewall Filter > (RACL). However, > I am curious, if a either a PACL or an VACL has match > conditions which > match the traffic AND has a terminating action of accept or > reject/discard, does the packet get processed by the > ensuing VACLs > and/or RACLs, or is it immediately allowed through without > further > processing (a la normal FF behavior)? > > Thanks in advance. > > Stefan > > -- > Stefan Fouant > Principal Network Engineer > NeuStar, Inc. - http://www.neustar.biz > GPG Key ID: 0xB5E3803D > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
