blob: 3649c47b49d4a5294b2724307b235689b5b939b4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
#
# This is an example policy for capirca
#
header {
comment:: "this is a sample policy to generate Juniper SRX filter"
comment:: "from zone Untrust to zone DMZ."
target:: srx from-zone Untrust to-zone DMZ
}
term test-tcp {
destination-address:: RFC1918
protocol:: tcp udp
logging:: true
action:: accept
}
term test-icmp {
destination-address:: RFC1918
protocol:: icmp
icmp-type:: echo-request echo-reply
action:: accept
}
term default-deny {
action:: deny
}
|
