acl

acl
+  capture-filter
   +  ipv4-filter
      +  entry sequence-id number 
         +  action
            +  accept
            +  copy
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  dscp-set (number | keyword)
            +  first-fragment boolean
            +  fragment boolean
            +  icmp
               +  code number
               +  type (number | keyword)
            +  protocol (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  tcam-entries number
   +  ipv6-filter
      +  entry sequence-id number 
         +  action
            +  accept
            +  copy
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  dscp-set (number | keyword)
            +  icmp6
               +  code number
               +  type (number | keyword)
            +  next-header (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  tcam-entries number
+  cpm-filter
   +  ipv4-filter
      +  entry sequence-id number 
         +  action
            +  accept
               +  log boolean
               +  rate-limit
                  +  policer reference
                  +  system-cpu-policer reference
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  dscp-set (number | keyword)
            +  first-fragment boolean
            +  fragment boolean
            +  icmp
               +  code number
               +  type (number | keyword)
            +  protocol (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  distributed-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
            -  last-clear string
            -  last-match string
            -  matched-packets number
            -  system-cpu-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
         -  tcam-entries number
      -  last-clear string
      +  statistics-per-entry boolean
   +  ipv6-filter
      +  entry sequence-id number 
         +  action
            +  accept
               +  log boolean
               +  rate-limit
                  +  policer reference
                  +  system-cpu-policer reference
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  dscp-set (number | keyword)
            +  icmp6
               +  code number
               +  type (number | keyword)
            +  next-header (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  distributed-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
            -  last-clear string
            -  last-match string
            -  matched-packets number
            -  system-cpu-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
         -  tcam-entries number
      -  last-clear string
      +  statistics-per-entry boolean
   +  mac-filter
      +  entry sequence-id number 
         +  action
            +  accept
               +  log boolean
               +  rate-limit
                  +  policer reference
                  +  system-cpu-policer reference
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-mac
               +  address string
               +  mask string
            +  ethertype (string | keyword)
            +  source-mac
               +  address string
               +  mask string
            +  vlan
               +  outermost-vlan-id
                  +  none 
                  +  operator keyword
                  +  range
                     +  end number
                     +  start number
                  +  value number
         -  statistics
            -  distributed-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
            -  last-clear string
            -  last-match string
            -  matched-packets number
            -  system-cpu-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
         -  tcam-entries number
      -  last-clear string
      +  statistics-per-entry boolean
-  datapath-programming
   -  forwarding-complex slot-id number complex-id number 
      -  last-completed-timestamp string
      -  programming-complete boolean
+  egress-mac-filtering boolean
+  ipv4-filter name string 
   +  description string
   +  entry sequence-id number 
      +  action
         +  accept
            +  forwarding-class (keyword | reference)
            +  log boolean
            +  rate-limit reference
         +  drop
            +  log boolean
      +  description string
      +  match
         +  destination-ip
            +  address string
            +  mask string
            +  prefix string
         +  destination-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  dscp-set (number | keyword)
         +  first-fragment boolean
         +  fragment boolean
         +  icmp
            +  code number
            +  type (number | keyword)
         +  protocol (number | keyword)
         +  source-ip
            +  address string
            +  mask string
            +  prefix string
         +  source-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  tcp-flags string
      -  statistics
         -  aggregate
            -  in-last-match string
            -  in-matched-packets number
            -  out-last-match string
            -  out-matched-packets number
         -  last-clear string
         -  per-interface
            -  subinterface name string 
               -  in-last-match string
               -  in-matched-packets number
               -  last-clear string
               -  out-last-match string
               -  out-matched-packets number
      -  tcam-entries
         -  forwarding-complex complex-identifier string 
            -  input-total number
            -  output-total number
            -  single-instance number
   -  last-clear string
   +  statistics-per-entry boolean
   +  subinterface-specific keyword
+  ipv6-filter name string 
   +  description string
   +  entry sequence-id number 
      +  action
         +  accept
            +  forwarding-class (keyword | reference)
            +  log boolean
            +  rate-limit reference
         +  drop
            +  log boolean
      +  description string
      +  match
         +  destination-ip
            +  address string
            +  mask string
            +  prefix string
         +  destination-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  dscp-set (number | keyword)
         +  icmp6
            +  code number
            +  type (number | keyword)
         +  next-header (number | keyword)
         +  source-ip
            +  address string
            +  mask string
            +  prefix string
         +  source-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  tcp-flags string
      -  statistics
         -  aggregate
            -  in-last-match string
            -  in-matched-packets number
            -  out-last-match string
            -  out-matched-packets number
         -  last-clear string
         -  per-interface
            -  subinterface name string 
               -  in-last-match string
               -  in-matched-packets number
               -  last-clear string
               -  out-last-match string
               -  out-matched-packets number
      -  tcam-entries
         -  forwarding-complex complex-identifier string 
            -  input-total number
            -  output-total number
            -  single-instance number
   -  last-clear string
   +  statistics-per-entry boolean
   +  subinterface-specific keyword
+  mac-filter name string 
   +  description string
   +  entry sequence-id number 
      +  action
         +  accept
            +  forwarding-class (keyword | reference)
            +  log boolean
            +  rate-limit reference
         +  drop
            +  log boolean
      +  description string
      +  match
         +  destination-mac
            +  address string
            +  mask string
         +  ethertype (string | keyword)
         +  source-mac
            +  address string
            +  mask string
         +  vlan
            +  outermost-vlan-id
               +  none 
               +  operator keyword
               +  range
                  +  end number
                  +  start number
               +  value number
      -  statistics
         -  aggregate
            -  in-last-match string
            -  in-matched-packets number
            -  out-last-match string
            -  out-matched-packets number
         -  last-clear string
         -  per-interface
            -  subinterface name string 
               -  in-last-match string
               -  in-matched-packets number
               -  last-clear string
               -  out-last-match string
               -  out-matched-packets number
      -  tcam-entries
         -  forwarding-complex complex-identifier string 
            -  input-total number
            -  output-total number
            -  single-instance number
   -  last-clear string
   +  statistics-per-entry boolean
   +  subinterface-specific keyword
+  policers
   +  policer name string 
      +  entry-specific boolean
      +  max-burst number
      +  peak-rate number
      -  statistics
         -  aggregate
            -  conforming-octets number
            -  conforming-packets number
            -  exceeding-octets number
            -  exceeding-packets number
         -  last-clear string
   +  system-cpu-policer name string 
      +  entry-specific boolean
      +  max-packet-burst number
      +  peak-packet-rate number
      -  statistics
         -  conforming-octets number
         -  conforming-packets number
         -  exceeding-octets number
         -  exceeding-packets number
         -  last-clear string
+  system-filter
   +  ipv4-filter
      +  entry sequence-id number 
         +  action
            +  accept
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  dscp-set (number | keyword)
            +  first-fragment boolean
            +  fragment boolean
            +  icmp
               +  code number
               +  type (number | keyword)
            +  protocol (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  last-clear string
            -  last-match string
            -  matched-packets number
         -  tcam-entries number
      -  last-clear string
   +  ipv6-filter
      +  entry sequence-id number 
         +  action
            +  accept
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  dscp-set (number | keyword)
            +  icmp6
               +  code number
               +  type (number | keyword)
            +  next-header (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  last-clear string
            -  last-match string
            -  matched-packets number
         -  tcam-entries number
      -  last-clear string
+  tcam-profile keyword

acl Descriptions

acl

Description Top level container for configuration and operational state related to access control lists (ACLs)
Contextacl
Treeacl
ConfigurableTrue
PlatformsSupported on all platforms

capture-filter

Description Top level container for capture filters
Contextacl capture-filter
Treecapture-filter
ConfigurableTrue
PlatformsSupported on all platforms

ipv4-filter

Description Top level container for capture IPv4 filters
Contextacl capture-filter ipv4-filter
Treeipv4-filter
ConfigurableTrue
PlatformsSupported on all platforms
entry sequence-id number
Description List of filter rules.
Context acl capture-filter ipv4-filter entry sequence-id number
Treeentry
ConfigurableTrue
PlatformsSupported on all platforms
sequence-id number
Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries.
Contextacl capture-filter ipv4-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue
PlatformsSupported on all platforms
action
Description Container for the actions to be applied to packets matching the capture filter entry.
Contextacl capture-filter ipv4-filter entry sequence-id number action
Treeaction
ConfigurableTrue
PlatformsSupported on all platforms
match
Description Container for the conditions that determine whether a packet matches this entry
Contextacl capture-filter ipv4-filter entry sequence-id number match
Treematch
ConfigurableTrue
PlatformsSupported on all platforms
destination-ip
Description Packet matching criteria based on destination IPv4 address
Contextacl capture-filter ipv4-filter entry sequence-id number match destination-ip
Treedestination-ip
ConfigurableTrue
PlatformsSupported on all platforms
destination-port
Description

A packet matches this condition if its destination TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv4-filter entry sequence-id number match destination-port
Treedestination-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl capture-filter ipv4-filter entry sequence-id number match destination-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A destination port number
Context acl capture-filter ipv4-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
dscp-set (number | keyword)
Description A list of DSCP values to be matched for incoming packets. An OR match should be performed, such that a packet must match one of the values defined in this list. If the field is left empty then any DSCP value matches.
Contextacl capture-filter ipv4-filter entry sequence-id number match dscp-set (number | keyword)
Treedscp-set
Range0 to 63
Options
  • CS0

  • LE

  • CS1

  • AF11

  • AF12

  • AF13

  • CS2

  • AF21

  • AF22

  • AF23

  • CS3

  • AF31

  • AF32

  • AF33

  • CS4

  • AF41

  • AF42

  • AF43

  • CS5

  • EF

  • CS6

  • CS7

Configurable True
Platforms7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D3, 7220 IXR-D3L, 7220 IXR-D2L, 7250 IXR-10, 7220 IXR-D5, 7220 IXR-D4, 7220 IXR-D1, 7220 IXR-D2, 7250 IXR-6
first-fragment boolean
Description

Match the first fragment of an IPv4 datagram

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1. It is not valid to configure this leaf without configuring a match value for the fragment leaf.

Contextacl capture-filter ipv4-filter entry sequence-id number match first-fragment boolean
Treefirst-fragment
ConfigurableTrue
PlatformsSupported on all platforms
fragment boolean
Description

Match an IPv4 fragment

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1 or if the IPv4 header indicates that the fragment-offset is greater than 0. A packet matches the false condition if it is unfragmented.

Contextacl capture-filter ipv4-filter entry sequence-id number match fragment boolean
Treefragment
ConfigurableTrue
PlatformsSupported on all platforms
icmp
Description

A packet matches this condition if its ICMP type and code matches one of the specified combinations

The rule should also have a condition that the IP protocol equals 1 (ICMP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv4-filter entry sequence-id number match icmp
Treeicmp
ConfigurableTrue
PlatformsSupported on all platforms
type (number | keyword)
Description Match a single ICMP type value.
Context acl capture-filter ipv4-filter entry sequence-id number match icmp type (number | keyword)
Treetype
Range0 to 255
Options
  • echo-reply

    ICMP Echo Reply

  • dest-unreachable

    ICMP Destination Unreachable

  • source-quench

    ICMP Source Quench

  • redirect

    ICMP Redirect

  • echo

    ICMP Echo

  • router-advertise

    ICMP Router Advertisement

  • router-solicit

    ICMP Router Solicitation

  • time-exceeded

    ICMP Time Exceeded

  • param-problem

    ICMP Parameter Problem

  • timestamp

    ICMP Timestamp

  • timestamp-reply

    ICMP Timestamp Reply

Configurable True
PlatformsSupported on all platforms
protocol (number | keyword)
Description An IPv4 packet matches this condition if its IP protocol type field matches the specified value
Contextacl capture-filter ipv4-filter entry sequence-id number match protocol (number | keyword)
Treeprotocol
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • ospf

    OSPFv2 and OSPFv3

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

Configurable True
PlatformsSupported on all platforms
source-ip
Description Packet matching criteria based on source IPv4 address
Contextacl capture-filter ipv4-filter entry sequence-id number match source-ip
Treesource-ip
ConfigurableTrue
PlatformsSupported on all platforms
source-port
Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv4-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl capture-filter ipv4-filter entry sequence-id number match source-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A source port number
Context acl capture-filter ipv4-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms

ipv6-filter

Description Top level container for capture IPv6 filters
Contextacl capture-filter ipv6-filter
Treeipv6-filter
ConfigurableTrue
PlatformsSupported on all platforms
entry sequence-id number
Description List of filter rules.
Context acl capture-filter ipv6-filter entry sequence-id number
Treeentry
ConfigurableTrue
PlatformsSupported on all platforms
sequence-id number
Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl capture-filter ipv6-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue
PlatformsSupported on all platforms
action
Description Container for the actions to be applied to packets matching the capture filter entry.
Contextacl capture-filter ipv6-filter entry sequence-id number action
Treeaction
ConfigurableTrue
PlatformsSupported on all platforms
match
Description Container for the conditions that determine whether a packet matches this entry
Contextacl capture-filter ipv6-filter entry sequence-id number match
Treematch
ConfigurableTrue
PlatformsSupported on all platforms
destination-ip
Description Packet matching criteria based on destination IPv6 address
Contextacl capture-filter ipv6-filter entry sequence-id number match destination-ip
Treedestination-ip
ConfigurableTrue
PlatformsSupported on all platforms
destination-port
Description

A packet matches this condition if its destination TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv6-filter entry sequence-id number match destination-port
Treedestination-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl capture-filter ipv6-filter entry sequence-id number match destination-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A destination port number
Context acl capture-filter ipv6-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
dscp-set (number | keyword)
Description A list of DSCP values to be matched for incoming packets. An OR match should be performed, such that a packet must match one of the values defined in this list. If the field is left empty then any DSCP value matches.
Contextacl capture-filter ipv6-filter entry sequence-id number match dscp-set (number | keyword)
Treedscp-set
Range0 to 63
Options
  • CS0

  • LE

  • CS1

  • AF11

  • AF12

  • AF13

  • CS2

  • AF21

  • AF22

  • AF23

  • CS3

  • AF31

  • AF32

  • AF33

  • CS4

  • AF41

  • AF42

  • AF43

  • CS5

  • EF

  • CS6

  • CS7

Configurable True
Platforms7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D3, 7220 IXR-D3L, 7220 IXR-D2L, 7250 IXR-10, 7220 IXR-D5, 7220 IXR-D4, 7220 IXR-D1, 7220 IXR-D2, 7250 IXR-6
icmp6
Description

A packet matches this condition if its ICMPv6 type and code matches one of the specified combinations

The rule should also have a condition that the next-header value equals 58 (ICMPv6) in order for this to be interpreted correctly.

Contextacl capture-filter ipv6-filter entry sequence-id number match icmp6
Treeicmp6
ConfigurableTrue
PlatformsSupported on all platforms
type (number | keyword)
Description Match a single ICMPv6 type value
Context acl capture-filter ipv6-filter entry sequence-id number match icmp6 type (number | keyword)
Treetype
Range0 to 255
Options
  • dest-unreachable

    ICMPv6 Destination Unreachable

  • packet-too-big

    ICMPv6 Packet Too Big

  • time-exceeded

    ICMPv6 Time Exceeded

  • param-problem

    Parameter Problem

  • echo-request

    ICMPv6 Echo Request

  • echo-reply

    ICMPv6 Echo Reply

  • mld-query

    Multicast Listener Discovery Query

  • mld-report

    Multicast Listener Discovery Report

  • mld-done

    Multicast Listener Discovery Done

  • router-solicit

    ICMPv6 Router Solicitation

  • router-advertise

    ICMPv6 Router Advertisement

  • neighbor-solicit

    ICMPv6 Neighbor Solicitation

  • neighbor-advertise

    ICMPv6 Neighbor Advertisement

  • redirect

    ICMPv6 Redirect

  • router-renumber

    ICMPv6 Router Renumbering

  • node-info-query

    ICMPv6 Node Information Query

  • node-info-response

    ICMPv6 Node Information Response

  • mld-v2

    Multicast Listener Discovery Version 2

  • mcast-rtr-adv

    Multicast Router Advertisement

  • mcast-rtr-solicit

    Multicast Router Solicitation

  • mcast-rtr-term

    Multicast Router Termination

ConfigurableTrue
PlatformsSupported on all platforms
next-header (number | keyword)
Description An IPv6 packet matches this condition if its first next-header field (in the IPv6 fixed header) contains the specified value
Contextacl capture-filter ipv6-filter entry sequence-id number match next-header (number | keyword)
Treenext-header
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • ospf

    OSPFv2 and OSPFv3

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

Configurable True
PlatformsSupported on all platforms
source-ip
Description Packet matching criteria based on source IPv6 address
Contextacl capture-filter ipv6-filter entry sequence-id number match source-ip
Treesource-ip
ConfigurableTrue
PlatformsSupported on all platforms
source-port
Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv6-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl capture-filter ipv6-filter entry sequence-id number match source-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A source port number
Context acl capture-filter ipv6-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms

cpm-filter

Description Top level container for CPM filters
Context acl cpm-filter
Treecpm-filter
ConfigurableTrue
PlatformsSupported on all platforms

ipv4-filter

Description Top level container for CPM IPv4 filters
Contextacl cpm-filter ipv4-filter
Treeipv4-filter
ConfigurableTrue
PlatformsSupported on all platforms
entry sequence-id number
Description List of filter rules.
Context acl cpm-filter ipv4-filter entry sequence-id number
Treeentry
ConfigurableTrue
PlatformsSupported on all platforms
sequence-id number
Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl cpm-filter ipv4-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue
PlatformsSupported on all platforms
action
Description Container for the actions to be applied to packets matching the CPM filter entry.
Contextacl cpm-filter ipv4-filter entry sequence-id number action
Treeaction
ConfigurableTrue
PlatformsSupported on all platforms
accept
Description Accept matching packets and forward them towards their normal destination
Contextacl cpm-filter ipv4-filter entry sequence-id number action accept
Treeaccept
ConfigurableTrue
PlatformsSupported on all platforms
log boolean
Description

When this is true, a log is created for each packet matching the entry

For IP packets matched by an IP filter entry the log entry contains the following information:

For Ethernet packets matched by a MAC filter entry the log entry contains the folllowing information:

Contextacl cpm-filter ipv4-filter entry sequence-id number action accept log boolean
Treelog
Defaultfalse
ConfigurableTrue
PlatformsSupported on all platforms
rate-limit
Description Rate-limit accepted packets
Context acl cpm-filter ipv4-filter entry sequence-id number action accept rate-limit
Treerate-limit
ConfigurableTrue
PlatformsSupported on all platforms
drop
Description

Drop matching packets.

Dropped IP packets do not result in sending ICMP messages back to the source

Contextacl cpm-filter ipv4-filter entry sequence-id number action drop
Treedrop
ConfigurableTrue
PlatformsSupported on all platforms
log boolean
Description

When this is true, a log is created for each packet matching the entry

For IP packets matched by an IP filter entry the log entry contains the following information:

For Ethernet packets matched by a MAC filter entry the log entry contains the folllowing information:

Contextacl cpm-filter ipv4-filter entry sequence-id number action drop log boolean
Treelog
Defaultfalse
ConfigurableTrue
PlatformsSupported on all platforms
match
Description Container for the conditions that determine whether a packet matches this entry
Contextacl cpm-filter ipv4-filter entry sequence-id number match
Treematch
ConfigurableTrue
PlatformsSupported on all platforms
destination-ip
Description Packet matching criteria based on destination IPv4 address
Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-ip
Treedestination-ip
ConfigurableTrue
PlatformsSupported on all platforms
destination-port
Description

A packet matches this condition if its destination TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port
Treedestination-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A destination port number
Context acl cpm-filter ipv4-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
dscp-set (number | keyword)
Description A list of DSCP values to be matched for incoming packets. An OR match should be performed, such that a packet must match one of the values defined in this list. If the field is left empty then any DSCP value matches.
Contextacl cpm-filter ipv4-filter entry sequence-id number match dscp-set (number | keyword)
Treedscp-set
Range0 to 63
Options
  • CS0

  • LE

  • CS1

  • AF11

  • AF12

  • AF13

  • CS2

  • AF21

  • AF22

  • AF23

  • CS3

  • AF31

  • AF32

  • AF33

  • CS4

  • AF41

  • AF42

  • AF43

  • CS5

  • EF

  • CS6

  • CS7

Configurable True
Platforms7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D3, 7220 IXR-D3L, 7220 IXR-D2L, 7250 IXR-10, 7220 IXR-D5, 7220 IXR-D4, 7220 IXR-D1, 7220 IXR-D2, 7250 IXR-6
first-fragment boolean
Description

Match the first fragment of an IPv4 datagram

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1. It is not valid to configure this leaf without configuring a match value for the fragment leaf.

Contextacl cpm-filter ipv4-filter entry sequence-id number match first-fragment boolean
Treefirst-fragment
ConfigurableTrue
PlatformsSupported on all platforms
fragment boolean
Description

Match an IPv4 fragment

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1 or if the IPv4 header indicates that the fragment-offset is greater than 0. A packet matches the false condition if it is unfragmented.

Contextacl cpm-filter ipv4-filter entry sequence-id number match fragment boolean
Treefragment
ConfigurableTrue
PlatformsSupported on all platforms
icmp
Description

A packet matches this condition if its ICMP type and code matches one of the specified combinations

The rule should also have a condition that the IP protocol equals 1 (ICMP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv4-filter entry sequence-id number match icmp
Treeicmp
ConfigurableTrue
PlatformsSupported on all platforms
code number
Description

Match if the ICMP code value is any value in the list

Requires ICMP type to be specified because codes are type dependent.

Contextacl cpm-filter ipv4-filter entry sequence-id number match icmp code number
Treecode
ConfigurableTrue
PlatformsSupported on all platforms
type (number | keyword)
Description Match a single ICMP type value.
Context acl cpm-filter ipv4-filter entry sequence-id number match icmp type (number | keyword)
Treetype
Range0 to 255
Options
  • echo-reply

    ICMP Echo Reply

  • dest-unreachable

    ICMP Destination Unreachable

  • source-quench

    ICMP Source Quench

  • redirect

    ICMP Redirect

  • echo

    ICMP Echo

  • router-advertise

    ICMP Router Advertisement

  • router-solicit

    ICMP Router Solicitation

  • time-exceeded

    ICMP Time Exceeded

  • param-problem

    ICMP Parameter Problem

  • timestamp

    ICMP Timestamp

  • timestamp-reply

    ICMP Timestamp Reply

Configurable True
PlatformsSupported on all platforms
protocol (number | keyword)
Description An IPv4 packet matches this condition if its IP protocol type field matches the specified value
Contextacl cpm-filter ipv4-filter entry sequence-id number match protocol (number | keyword)
Treeprotocol
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • ospf

    OSPFv2 and OSPFv3

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

Configurable True
PlatformsSupported on all platforms
source-ip
Description Packet matching criteria based on source IPv4 address
Contextacl cpm-filter ipv4-filter entry sequence-id number match source-ip
Treesource-ip
ConfigurableTrue
PlatformsSupported on all platforms
source-port
Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A source port number
Context acl cpm-filter ipv4-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
statistics
Description Statistics container for packets matching the CPM-filter entry
Contextacl cpm-filter ipv4-filter entry sequence-id number statistics
Treestatistics
ConfigurableFalse
PlatformsSupported on all platforms
distributed-policer
Description Distributed policer stats for traffic matching the entry.
Contextacl cpm-filter ipv4-filter entry sequence-id number statistics distributed-policer
Treedistributed-policer
ConfigurableFalse
PlatformsSupported on all platforms except 7220
system-cpu-policer
Description System CPU policer stats for traffic matching the entry.
Contextacl cpm-filter ipv4-filter entry sequence-id number statistics system-cpu-policer
Treesystem-cpu-policer
ConfigurableFalse
PlatformsSupported on all platforms
last-clear string
Description Time of the last clear command performed by the user at this level
Contextacl cpm-filter ipv4-filter last-clear string
Treelast-clear
String Length20 to 32
ConfigurableFalse
PlatformsSupported on all platforms
statistics-per-entry boolean
Description Collect the following statistics per entry: the number of packets matching each entry, and the elapsed time since a packet last matched each entry
Contextacl cpm-filter ipv4-filter statistics-per-entry boolean
Treestatistics-per-entry
ConfigurableTrue
PlatformsSupported on all platforms

ipv6-filter

Description Top level container for CPM IPv6 filters
Contextacl cpm-filter ipv6-filter
Treeipv6-filter
ConfigurableTrue
PlatformsSupported on all platforms
entry sequence-id number
Description List of filter rules.
Context acl cpm-filter ipv6-filter entry sequence-id number
Treeentry
ConfigurableTrue
PlatformsSupported on all platforms
sequence-id number
Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl cpm-filter ipv6-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue
PlatformsSupported on all platforms
action
Description Container for the actions to be applied to packets matching the CPM filter entry.
Contextacl cpm-filter ipv6-filter entry sequence-id number action
Treeaction
ConfigurableTrue
PlatformsSupported on all platforms
accept
Description Accept matching packets and forward them towards their normal destination
Contextacl cpm-filter ipv6-filter entry sequence-id number action accept
Treeaccept
ConfigurableTrue
PlatformsSupported on all platforms
log boolean
Description

When this is true, a log is created for each packet matching the entry

For IP packets matched by an IP filter entry the log entry contains the following information:

For Ethernet packets matched by a MAC filter entry the log entry contains the folllowing information:

Contextacl cpm-filter ipv6-filter entry sequence-id number action accept log boolean
Treelog
Defaultfalse
ConfigurableTrue
PlatformsSupported on all platforms
rate-limit
Description Rate-limit accepted packets
Context acl cpm-filter ipv6-filter entry sequence-id number action accept rate-limit
Treerate-limit
ConfigurableTrue
PlatformsSupported on all platforms
drop
Description

Drop matching packets.

Dropped IP packets do not result in sending ICMP messages back to the source

Contextacl cpm-filter ipv6-filter entry sequence-id number action drop
Treedrop
ConfigurableTrue
PlatformsSupported on all platforms
log boolean
Description

When this is true, a log is created for each packet matching the entry

For IP packets matched by an IP filter entry the log entry contains the following information:

For Ethernet packets matched by a MAC filter entry the log entry contains the folllowing information:

Contextacl cpm-filter ipv6-filter entry sequence-id number action drop log boolean
Treelog
Defaultfalse
ConfigurableTrue
PlatformsSupported on all platforms
match
Description Container for the conditions that determine whether a packet matches this entry
Contextacl cpm-filter ipv6-filter entry sequence-id number match
Treematch
ConfigurableTrue
PlatformsSupported on all platforms
destination-ip
Description Packet matching criteria based on destination IPv6 address
Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-ip
Treedestination-ip
ConfigurableTrue
PlatformsSupported on all platforms
destination-port
Description

A packet matches this condition if its destination TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port
Treedestination-port
ConfigurableTrue
PlatformsSupported on all platforms
range
Description Container used to specify a contiguous range of TCP/UDP port numbers
Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port range
Treerange
ConfigurableTrue
PlatformsSupported on all platforms
end (number | keyword)
Description The ending port number to include in the range
Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
start (number | keyword)
Description The starting port number to include in the range
Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue
PlatformsSupported on all platforms
value (number | keyword)
Description A destination port number
Context acl cpm-filter ipv6-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administr