dear good night,
how to configure DNS recursive filter in my MX5 Juniper?
IP DNS: Y.Y.Y.1
authorized network: 10.0.0.0/8
below is configuration, but does not work.
set firewall family inet filter FILTER-DNS term 1 from source-address
10.0.0.0/8
set firewall family inet filter FILTER-DNS term 1 from
destination-address Y.Y.Y.1
set firewall family inet filter FILTER-DNS term 1 from destination-port
53
set firewall family inet filter FILTER-DNS term 1 from protocol udp
set firewall family inet filter FILTER-DNS term 1 from protocol tcp
set firewall family inet filter FILTER-DNS term 1 then accept
set firewall family inet filter FILTER-DNS term 10 from tcp-established
set firewall family inet filter FILTER-DNS term 10 from
destination-address Y.Y.Y.1
set firewall family inet filter FILTER-DNS term 10 then accept
set firewall family inet filter FILTER-DNS term 40 from
destination-address Y.Y.Y.1
set firewall family inet filter FILTER-DNS term 40 then discard
set firewall family inet filter FILTRO-DNS term 50 then accept
by google translator.
thank you for attention.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp