Lukman Prihandika Blog's

Nrimo ing pandum, urip wis ono sing ngatur

Block IP di Juniper

leave a comment »

Sedikit share ilmu ajah kali ini, ada pelanggan minta di block IP nya katakanlah IP-nya sekian-sekian (source: 213.198.75.75 dan 67.18.237.156 serta destinationnya: 202.146.177.179). Nah, berikut step-stepnya :

Ini untuk yang source dulu,

brokenz> edit
Entering configuration mode

{master}[edit]

brokenz# edit firewall filter intruder term intruder-prefixes

{master}[edit firewall filter intruder term intruder-prefixes]
brokenz# show
from {
source-address {

216.227.217.225/32;

{master}[edit firewall filter intruder term intruder-prefixes]
brokenz# set from source-address 213.198.75.75

{master}[edit firewall filter intruder term intruder-prefixes]
brokenz# set from source-address 67.18.239.156

{master}[edit firewall filter intruder term intruder-prefixes]
brokenz# show
from {
source-address {

91.121.89.135/32;
213.198.75.75/32;
67.18.239.156/32;
}
destination-address {

203.83.34.163/32;
205.178.145.65/32;
}
}
then {
count intruder;
discard;
}

{master}[edit firewall filter intruder term intruder-prefixes]
brokenz# commit and-quit synchronize
[edit system services ssh]
‘ssh’
warning: daemon binary /usr/sbin/sshd not found
re0:
configuration check succeeds
re1:
[edit system services ssh]
‘ssh’
warning: daemon binary /usr/sbin/sshd not found
[edit protocols ospf]
‘traceoptions’
warning: No file specified.
commit complete
re0:
commit complete
Exiting configuration mode

{master}
brokenz>

Nah ini untuk yang destination,

brokenz> edit
Entering configuration mode

{master}[edit]

brokenz# edit routing-options static

brokenz# set route 202.146.177.179/32 discard tag 66

{master}[edit routing-options static]

brokenz# commit and-quit synchronize
[edit system services ssh]
‘ssh’
warning: daemon binary /usr/sbin/sshd not found
re0:
configuration check succeeds
re1:
[edit system services ssh]
‘ssh’
warning: daemon binary /usr/sbin/sshd not found
[edit protocols ospf]
‘traceoptions’
warning: No file specified.
commit complete
re0:
commit complete
Exiting configuration mode

{master}
brokenz>

Oke perintahnya seperti contoh di atas.

Written by brokenz1

December 9, 2009 at 11:13 am

Posted in Juniper

Tagged with , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: