Frack, yesterday was bad enough with everything being full of suck playing with the router but today my upstream provider took a dump in the middle of the day.
For real, it's fixed then it isn't and so people call me. Like I'm coated in magic and can make it work.
So my trouble yesterday was that a specific firewall rule that had been allowing some external partners to work for the last 6 months just stopped working in the middle of the day.
So yeah, into the router config we go. It's a piece of crap Juniper so yeah, it's not the Cisco routers I've come to know and love (seriously, if you are a monkey you can follow most of the logic of the Cisco, except sub-interfaces, that shit is dumb). Anyhow, I have logging on so, so many policies and none of them, including my block-any policy, has any traffic in it.
Why? Because it's a Juniper and the logging makes not one lick of sense. It doesn't log all traffic, only the things you specifically call out, and even then only when the session is closed. All in and out traffic is logged in the in policies for instance.
Anyhow, my net takeaway was I added TCP Any and UDP Any to see what damn port that stupid program wanted (TCP 49292 for the curious), and I find myself asking how on earth did it work for the last 6 months?????!!?
Yeah, so apparently my router is leaky and sucks at logging, which is the worst combination of failure I can imagine. I'm all "Hey Boss guy, how about we get a Cisco," and he's all "Hmm, those are only programmable from the command line, right?"