SRX: Firewall Filter configuration

(OP)
Here, I'm going to block all SSH except from a trusted address and a trusted subnet.

policy-options {
    /* Sources allowed to reach SSH on the device */
    prefix-list Trusted_IP_Address {
        1.2.3.4/32;
        9.8.7.0/24;
    }
}
firewall {
    family inet {
        filter sshFilter {
            term Trusted_SSH_Login {
                from {
                    source-prefix-list {
                        Trusted_IP_Address;
                    }
                    protocol tcp;
                    destination-port ssh;
                }
                then accept;
            }
            term Reject_Unknown_SSH {
                from {
                    source-address {
                        0.0.0.0/0;
                    }
                    destination-port ssh;
                }
                then {
                    discard;
                }
            }
            /* Everything that is not SSH is accepted */
            term Allow {
                then accept;
            }
        }
    }
}
interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input sshFilter;
                }
            }
        }
    }
}
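
The term order in the filter above can be checked offline with a small first-match model. This is an added example, not part of the original post; the names `pkt`, `evaluate` and `TERMS` and the sample packets are constructed for illustration, and the model assumes a term without a protocol match applies to any protocol.

```python
import ipaddress

# Prefix list taken from the post's policy-options stanza.
TRUSTED = [ipaddress.ip_network(p) for p in ("1.2.3.4/32", "9.8.7.0/24")]
SSH_PORT = 22

def pkt(src, proto, dport):
    """Build a constructed sample packet (only the fields the filter matches on)."""
    return {"src": ipaddress.ip_address(src), "proto": proto, "dport": dport}

def trusted_ssh(p):
    # term Trusted_SSH_Login: source-prefix-list + protocol tcp + destination-port ssh
    return (p["proto"] == "tcp" and p["dport"] == SSH_PORT
            and any(p["src"] in net for net in TRUSTED))

def unknown_ssh(p):
    # term Reject_Unknown_SSH: source 0.0.0.0/0 + destination-port ssh.
    # The posted term has no protocol match, so the model matches any protocol.
    return p["dport"] == SSH_PORT

def allow_all(p):
    # term Allow: no "from" clause, matches everything that reaches it
    return True

# Terms in the order they appear in filter sshFilter.
TERMS = [
    ("Trusted_SSH_Login", trusted_ssh, "accept"),
    ("Reject_Unknown_SSH", unknown_ssh, "discard"),
    ("Allow", allow_all, "accept"),
]

def evaluate(packet, terms=TERMS):
    """Return (term, action) of the first matching term.

    A packet that matches no term falls through to the implicit discard
    that ends every firewall filter.
    """
    for name, match, action in terms:
        if match(packet):
            return name, action
    return "implicit-default", "discard"

if __name__ == "__main__":
    samples = [pkt("1.2.3.4", "tcp", 22), pkt("9.8.7.200", "tcp", 22),
               pkt("9.8.8.1", "tcp", 22), pkt("9.8.8.1", "udp", 22),
               pkt("10.0.0.1", "tcp", 179)]
    for s in samples:
        print(s["src"], s["proto"], s["dport"], "->", evaluate(s))
    # Without the final Allow term, non-SSH traffic to lo0 is dropped too.
    print("no Allow term:", evaluate(pkt("10.0.0.1", "tcp", 179), TERMS[:-1]))
```

The last line shows why the closing `Allow` term matters on `lo0`: without it, every packet that is not trusted SSH falls through to the implicit discard.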
