Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Protocol Conditions with Parameters for PTSP Classify-Traffic Conditions (SRC CLI)

    Use the following configuration statements to configure classify-traffic conditions that contain a parameter value for the protocol:

    policies group name list name rule name traffic-condition name parameter-protocol-condition {protocol protocol; }
    policies group name list name rule name traffic-condition name parameter-protocol-condition proto-attr destination-port port {from-port from-port; }
    policies group name list name rule name traffic-condition name parameter-protocol-condition proto-attr source-port port {from-port from-port; }

    To configure a protocol condition that contains a parameter value for the protocol:

    1. From configuration mode, enter the parameter protocol condition configuration. For example:
      user@host# edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition
    2. Assign a parameter as the protocol matched by this classify-traffic condition.

      Before you assign a parameter, you must create a parameter of type protocol and commit the parameter configuration.

      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition]user@host# set protocol protocol
    3. (Optional) Enter the protocol attribute configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition]user@host# edit proto-attr
    4. (Optional) Enter the destination port configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr]user@host# edit destination-port port
    5. (Optional) Configure the TCP or UDP destination port.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr destination-port port]user@host# set from-port from-port

      Where from-port is one of the following values:

      • service_port—A predefined global parameter that is the port of the service as specified by the service object.
      • Integer in the range 0–65535.
      • Expression—A range of port numbers; for example, 10..20.
      • Parameter of type port.

      Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

      • To set a range of ports that is greater than 10, use 11..65535.
      • To set a range of ports that is less than 200, use 0..199.
    6. (Optional) Enter the source port configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr destination-port port]user@host# up [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr]user@host# edit source-port port
    7. (Optional) Configure the TCP or UDP source port.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr source-port port]user@host# set from-port from-port[edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr source-port port]user@host# up[edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr source-port]user@host# up[edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr ]user@host# up

      Where from-port is one of the following values:

      • service_port—A predefined global parameter that is the port of the service as specified by the service object.
      • Integer in the range 0–65535.
      • Expression—A range of port numbers; for example, 10..20.
      • Parameter of type port.

      Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

      • To set a range of ports that is greater than 10, use 11..65535.
      • To set a range of ports that is less than 200, use 0..199.
    8. (Optional) Verify the parameter protocol configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition]
      user@host# show 
      protocol protocol;
       destination-port {
          port {
            from-port service_port;
          }
        }
      }

    Modified: 2016-04-27