You can check the current policies in a Juniper NetScreen firewall running the ScreenOS operating system, such as a Netscreen-5GT
firewall,
with get policy all, but you can also display just those
policies affecting transmissions from one particular zone to another zone
by adding a from from_zone to to_zone to the end
of the command. E.g. get policy from untrust to trust would show
only those policies that apply to traffic from the untrust zone to the trust
zone.
To view only those policies that apply to a particular service, such
as FTP, I could use get policy from untrust to trust | include FTP.
ns5gt-> get policy from untrust to trust | include FTP
24 Untrust Trust ACME VPN VIP(untrust) FTP Permit enabled ---X-X
25 Untrust Trust ACI VIP(untrust) FTP Permit enabled ---X-X
ns5gt->Steps are listed here that can be used to create a policy that will allow FTP connectivity from external systems to an internal FTP server behind the firewall.
