Filtering on source and destination IP addresses
The following example shows how to define another firewall instance. This instance contains one rule, which filters packets on both source and destination IP addresses. The rule accepts packets leaving R5 through dp0p1p2 using 10.10.30.46 and destined for 10.10.40.101. It then applies the firewall instance to packets outbound from the 1 virtual interface (vif 1) on the dp0p1p2 interface.
To create an instance that filters on source and destination IP addresses, perform the following steps in configuration mode.
Step | Command |
---|---|
Create the configuration node for the FWTEST-2 firewall instance and its rule 1. This rule accepts traffic matching the specified criteria. |
|
Define a rule that filters traffic on the 10.10.30.46 source IP address. |
|
Define a rule that filters traffic on the 10.10.40.101 destination IP address. |
|
Apply FWTEST-2 to outbound packets on dp0p1p2 vif 40. |
|
Commit the configuration. |
|
Show the configuration. |
|