On Wed, 18 Mar 2020 16:02:09 +0000 Saku Ytti <[email protected]> wrote: > It is completely broken, you use 'port' so you expose every port in your > system.
Ha, OK thanks. I think that would require some not so easy spoofing unless I'm missing something. We can convert any statement that just uses port to directional, which I think will require additional rules to tighten it up. Feel free to submit example configs. John _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
