To Next Page

To Previous Page

JUNOSe 7.2.x Policy Management Configuration Guide

12 ! Creating Classifier Control Lists

! Use the sourceAddress and destinationAddress options to classify traffic based on

source and destination addresses. You can specify the address as a host

address, a subnet, or a wildcard. If you specify the address as a subnet, the

mask, in binary notation, must be a series of contiguous zeros, followed by a

series of contiguous ones. The any keyword is the address wildcard, matching

traffic for any address.

! In the following example, traffic is classified on any source or destination

address:

host1(config)#ip classifier-list YourListName ip any any

! In the following example, traffic is classified on source host address

10.10.10.10 and any destination address:

host1(config)#ip classifier-list YourListName ip host 10.10.10.10 any

! In the following example, traffic is classified on source address subnet

10.10.x.x and destination host address 10.10.10.2:

host1(config)#ip classifier-list YourListName ip 10.10.0.0 0.0.255.255 host

10.10.10.2

! Use the sourceQualifier option to specify a single TCP or UDP port or a range of

ports. The sourceQualifier option is composed of:

! portNumber—Single port number or the beginning of a range of port

numbers

! portOperator—One of the following:

" eq—equal to

" lt—less than

" gt—greater than

" neq—not equal to

" range—range of ports

! toPortNumber—End of a range of port numbers

For example, the following command matches packets with source address

198.168.30.100 and UDP source port numbers in the range 1–10:

host1(config)#ip classifier-list YourListName udp host 192.168.30.100 range 1

10 any

! Use multiple elements in classifier lists to configure classification to match any

of multiple field combinations. The behavior of multiple-element classifier-list

classification is the logical OR of the elements in the CLACL. For example, to

match all packets that have a source IP address of 192.168.30.100 or have a

destination IP address of 192.168.30.200:

host1(config)#ip classifier-list boston5 ip host 192.168.30.100 any

host1(config)#ip classifier-list boston5 ip any host 192.168.30.200

The classifier control list boston5 matches all packets with the source IP

address of 192.168.30.100 or with the destination IP address of

192.168.30.200.

Brand	Juniper
Model	E Series
Category	Network Router
Language	English

Juniper E Series Configuration Guide

Table of Contents

Other manuals for Juniper E Series

Questions and Answers:

Juniper E Series Specifications

Related product manuals