blob: abe7034c57697b6fb800b99bed5755f406a57a6a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
create loop int
set int state loop0 up
set int ip addr loop0 10.10.10.10/32
packet-generator new { \
name deny-from-default-route \
limit 1 \
node ip4-input \
size 64-64 \
data { \
UDP: 1.2.3.4 -> 5.6.7.8 \
UDP: 3000 -> 3001 \
length 128 checksum 0 incrementing 1 \
} \
}
packet-generator new { \
name allow \
limit 1 \
node ip4-input \
size 64-64 \
data { \
UDP: 1.1.1.1 -> 5.6.7.8 \
UDP: 3000 -> 3001 \
length 128 checksum 0 incrementing 1 \
} \
}
packet-generator new { \
name deny-from-port-range \
limit 1 \
node ip4-input \
size 64-64 \
data { \
UDP: 1.1.1.1 -> 5.6.7.8 \
UDP: 6000 -> 6001 \
length 128 checksum 0 incrementing 1 \
} \
}
set ip source-and-port-range-check 1.1.1.0/24 range 2000 - 3000 vrf 99
set interface ip source-and-port-range-check pg0 udp-out-vrf 99
show ip source-and-port-range-check vrf 99 1.1.1.1
set ip source-and-port-range-check 1.1.1.0/24 range 4000 - 5000 vrf 99
set ip source-and-port-range-check 1.1.2.0/24 range 4000 - 5000 vrf 99
show ip source-and-port-range-check vrf 99 1.1.1.1
show ip source-and-port-range-check vrf 99 1.1.2.1
set ip source-and-port-range-check 1.1.2.0/24 range 4000 - 5000 vrf 99 del
show ip source-and-port-range-check vrf 99 1.1.2.1
tr add pg-input 100
|
