rendered paste bodyben@ndc-sec0# show | compare rollback 3
[edit security policies]
from-zone dc-infrastructure-untrust to-zone dc-infrastructure-trust { ... }
+ from-zone privileged to-zone routing {
+ policy default-permit {
+ match {
+ source-address any;
+ destination-address any;
+ application any;
+ }
+ then {
+ permit;
+ }
+ }
+ }
+ from-zone routing to-zone privileged {
+ policy ssh {
+ match {
+ source-address any;
+ destination-address netdev;
+ application junos-ssh;
+ }
+ then {
+ permit;
+ }
+ }
+ }
[edit security policies]
- default-policy {
- permit-all;
- }
[edit security zones security-zone privileged]
+ address-book {
+ address netdev 62.121.1.0/24;
+ }