diff options
Diffstat (limited to 'policies/sample_srx.pol')
| -rw-r--r-- | policies/sample_srx.pol | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/policies/sample_srx.pol b/policies/sample_srx.pol new file mode 100644 index 0000000..3649c47 --- /dev/null +++ b/policies/sample_srx.pol @@ -0,0 +1,26 @@ +# +# This is an example policy for capirca +# +header { + comment:: "this is a sample policy to generate Juniper SRX filter" + comment:: "from zone Untrust to zone DMZ." + target:: srx from-zone Untrust to-zone DMZ +} + +term test-tcp { + destination-address:: RFC1918 + protocol:: tcp udp + logging:: true + action:: accept +} + +term test-icmp { + destination-address:: RFC1918 + protocol:: icmp + icmp-type:: echo-request echo-reply + action:: accept +} + +term default-deny { + action:: deny +} |