>>> On 5/18/2011 at 12:20 PM, "Scott T. Cameron" <routeh...@gmail.com> wrote: > Does anyone have a trick for logging all policies? I'm not particularly > fond of going and tagging each policy with "log". > > Worse, is there a way to flag the default-policy with a log statement? I > have deny-all and no options that follow, would be nice to catch them all > with a log as well. > > Scott > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp
# set group log-all-policies security policies from-zone <*> to-zone <*> policy <*> then log session-init # set security policies apply-group log-all-policies -- Crist Clark Network Security Specialist, Information Systems Globalstar 408 933 4387 _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp