I understand that this can be done, but I am not quite sure on the specifics.
I have the following scenario:
I have a BGP feed that sends me routes that get tagged with community X:X.
On another interface I want to do the following filtering:
if traffic has a src/dst = a BGP route with community X:X, then discard.
I understand that this can be done with FBF. This is in the master instance with no VRFs.
I have seen the thread a bit further down and thus have the following:
set routing-options forwarding-table export TESTING-MARKER
set policy-options community TESTING-COMM members 1234:1234
set policy-options policy-statement TESTING-MARKER term one from community TESTING-COMM
set policy-options policy-statement TESTING-MARKER term one then source-class TESTING
set firewall family inet filter Inbound-Filter term unwanted-TESTING from source-class TESTING
set firewall family inet filter Inbound-Filter term unwanted-TESTING then discard
set forwarding-options family inet filter input Inbound-Filter
Questions regarding this:
Do I need an accept clause on the forwarding table filter (will it default deny)?
By applying this to the forwarding table, do I no longer have to worry about which interface the packets come in on?