I don't have the book but here's what you'd expect for LDP traffic:
- UDP Hellos sourced from outgoing interface to all routers multicast
- Targeted UDP Hellos sourced from the loopback IP to the neighbor's loopback IP
- TCP session sourced from the loopback IP to the neighbor's loopback IP
If you aren't using LDP for transport but you're using it for something like an l2circuit, then you can generate a list of loopbacks using apply-path.
If you are using LDP to generate your LSPs, then you'd need to manually configure a prefix-list with loopback IPs (or subnet covering all loopbacks). If that's not in the example, then I don't see how the session can come up.
Keep in mind that with any TCP session between routers, you'd need a term to allow replies. So for LDP, you'd need some term with a source-port of 646 and "tcp-established" to lock it down to segments with RST or ACK flags.
Example policy:
set policy-options prefix-list local-lo0 apply-path "interfaces lo0 unit <*> family inet address <*>" set policy-options prefix-list neighbor-int-ip apply-path "interfaces <*> unit <*> family inet address <*>" set policy-options prefix-list l2circuit-neighbors apply-path "protocols l2circuit neighbor <*>" set policy-options prefix-list all-routers-mcast 224.0.0.2/32 set policy-options prefix-list remote_loopbacks 1.2.3.0/24 set firewall family inet filter protect-re term permit_ldp_hellos from source-prefix-list neighbor-int-ip set firewall family inet filter protect-re term permit_ldp_hellos from destination-prefix-list all-routers-mcast set firewall family inet filter protect-re term permit_ldp_hellos from protocol udp set firewall family inet filter protect-re term permit_ldp_hellos from destination-port ldp set firewall family inet filter protect-re term permit_ldp_hellos then accept set firewall family inet filter protect-re term permit_tldp_hellos from source-prefix-list l2circuit-neighbors set firewall family inet filter protect-re term permit_tldp_hellos from destination-prefix-list local-lo0 set firewall family inet filter protect-re term permit_tldp_hellos from protocol udp set firewall family inet filter protect-re term permit_tldp_hellos from destination-port ldp set firewall family inet filter protect-re term permit_tldp_hellos then accept set firewall family inet filter protect-re term permit_tcp_init from source-prefix-list remote_loopbacks set firewall family inet filter protect-re term permit_tcp_init from source-prefix-list l2circuit-neighbors set firewall family inet filter protect-re term permit_tcp_init from destination-prefix-list local-lo0 set firewall family inet filter protect-re term permit_tcp_init from protocol tcp set firewall family inet filter protect-re term permit_tcp_init from destination-port ldp set firewall family inet filter protect-re term permit_tcp_init then accept set firewall family inet filter protect-re term permit_tcp_estbl from source-prefix-list remote_loopbacks set firewall family inet filter protect-re term permit_tcp_estbl from source-prefix-list l2circuit-neighbors set firewall family inet filter protect-re term permit_tcp_estbl from destination-prefix-list local-lo0 set firewall family inet filter protect-re term permit_tcp_estbl from protocol tcp set firewall family inet filter protect-re term permit_tcp_estbl from source-port ldp set firewall family inet filter protect-re term permit_tcp_estbl from tcp-established set firewall family inet filter protect-re term permit_tcp_estbl from destination-port 49152-65535 set firewall family inet filter protect-re term permit_tcp_estbl then accept