Hi,
I just checked my tracert to google. In the path we can see lo0 interface with its ip address. Probably lo0 is a router-id or probably it is being using for dynamic routing protocol. So if the Firewall Filter is not applied to this Lo0 interface, will my SSH attemp to this lo0 show a SSH_LOGIN_FAILED in the their message log? If the FF is applied, what might be seen?
>tracert 8.8.4.4
Tracing route to dns.google [8.8.4.4]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms Bilolight [10.10.10.1]
2 17 ms 16 ms 26 ms lo0.rras2.sig11.on.ni.net [155.102.32.130]
3 19 ms 19 ms 39 ms l01.tr2.sig10.on.ni.net [155.102.35.175]
4 30 ms 32 ms 37 ms be41.tr2.sig11.on.ni.net [155.102.34.41]
5 28 ms 31 ms 43 ms be45.tr3.sgt2.on.ni.net [155.102.33.36]
6 28 ms 29 ms 30 ms be51.t3.sgt7.on.ni.net [155.102.40.201]
7 36 ms 30 ms 53 ms gw.google.com [155.102.199.234]
8 30 ms 42 ms 30 ms 108.170.247.33
9 30 ms 34 ms 28 ms 209.85.253.177
10 39 ms 29 ms 29 ms dns.google [8.8.4.4]
Trace complete.
Other things....The Junos device mx has multiple interfaces and multiple lo(X) logical interfaces. Each traffic on the each interfaces is different as expected.
In windows we can determine which incoming source addresses to which destination address with netstat -a etc.
In Junos cli (including shell) what is the equivalent of windows command of netstat -ona 2 | find "x.x.x.x" | find "22" regartless what interfces might be.?