CISCO pix/asa Shun command equivalent on Junos

Question

does any one knows if there is some equivalent of the shun command on Juniper Junos OS?

The shun command on the ASA Firewall appliance is used to block connections from an attacking host. Packets matching the values in the command are dropped and logged until the blocking function is removed manually or by the Cisco IDS sensor. The format of the command is as following: ASA# shun [source IP] [destination IP]

score 1 · Accepted Answer · edited Oct 31 '17 at 01:08

1

I think there are IP actions like - IP-Block, and IP-Close, something like -

ip-action {
   ip-block;
   target   source-address;}

Checkout the O'Reilly book - "Junos Security", chapters 7 & 8

http://chimera.labs.oreilly.com/books/1234000001633/ch13.html

edited Oct 31 '17 at 01:08

Ben Aveling

125
4

answered Nov 27 '10 at 00:56

user20849

88
3

CISCO pix/asa Shun command equivalent on Junos

1 Answers1