Configuring Protocol Conditions with Parameters for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to configure classify-traffic conditions that contain a parameter value for the protocol:

To configure a protocol condition that contains a parameter value for the protocol:

1. From configuration mode, enter the parameter protocol condition configuration. For example:
   user@host# edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition
2. Assign a parameter as the protocol matched by this classify-traffic condition.

   Before you assign a parameter, you must create a parameter of type protocol and commit the parameter configuration.

   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition]user@host# set protocol protocol
3. (Optional) Enter the protocol attribute configuration.
   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition]user@host# edit proto-attr
4. (Optional) Enter the destination port configuration.
   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr]user@host# edit destination-port port
5. (Optional) Configure the TCP or UDP destination port.
   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr destination-port port]user@host# set from-port from-port

   Where from-port is one of the following values:

   • service_port—A predefined global parameter that is the port of the service as specified by the service object.
   • Integer in the range 0–65535.
   • Expression—A range of port numbers; for example, 10..20.
   • Parameter of type port.

   Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

   • To set a range of ports that is greater than 10, use 11..65535.
   • To set a range of ports that is less than 200, use 0..199.
6. (Optional) Enter the source port configuration.
   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr destination-port port]user@host# up [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr]user@host# edit source-port port
7. (Optional) Configure the TCP or UDP source port.
   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr source-port port]user@host# set from-port from-port [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr source-port port]user@host# up [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr source-port]user@host# up [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition proto-attr ]user@host# up

   Where from-port is one of the following values:

   • service_port — A predefined global parameter that is the port of the service as specified by the service object.
   • Integer in the range 0–65535.
   • Expression — A range of port numbers; for example, 10..20.
   • Parameter of type port.

   Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

   • To set a range of ports that is greater than 10, use 11..65535.
   • To set a range of ports that is less than 200, use 0..199.
8. (Optional) Verify the parameter protocol configuration.

   [edit policies group group1 list list1 rule rule1 traffic-condition condition1 parameter-protocol-condition]
   user@host# show 
   protocol protocol;
    destination-port {
       port {
         from-port service_port;
       }
     }
   }