I get this errror now. If I bind filter to vlan interface, I can not reach SRX and my internet connection goes down
root@FW# show interfaces fe-0/0/3
unit 0 {
family inet {
filter {
input filter-fbf;
}
}
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
[edit]
root@FW# commit check
[edit interfaces fe-0/0/3 unit 0]
'family'
When ethernet-switching family is configured on an interface, no other family type can be configured on the same interface.
error: configuration check-out failed
root@FW# show firewall family inet filter filter-fbf
term 10 {
from {
source-address {
192.194.196.200/32;
192.194.196.201/32;
}
}
then {
routing-instance fbf;
}
}
set routing-options static route 0.0.00/0 next-hop pp0.0
set routing-instances fbf instance-type forwarding
set routing-instances fbf routing-options static route 0.0.0.0/0 next-hop pp0.1
set routing-options interface-routes rib-group inet fbf-group
set routing-options rib-groups fbf-group import-rib [ inet.0 fbf.inet.0]