acl

acl
+  capture-filter
   +  ipv4-filter
      +  entry sequence-id number
         +  action
            +  accept
            +  copy
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  first-fragment boolean
            +  fragment boolean
            +  icmp
               +  code number
               +  type (number | keyword)
            +  protocol (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  tcam-entries number
   +  ipv6-filter
      +  entry sequence-id number
         +  action
            +  accept
            +  copy
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  icmp6
               +  code number
               +  type (number | keyword)
            +  next-header (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  tcam-entries number
+  cpm-filter
   +  ipv4-filter
      +  entry sequence-id number
         +  action
            +  accept
               +  log boolean
               +  rate-limit
                  +  distributed-policer reference
                  +  system-cpu-policer reference
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  first-fragment boolean
            +  fragment boolean
            +  icmp
               +  code number
               +  type (number | keyword)
            +  protocol (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  distributed-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
            -  last-clear string
            -  last-match string
            -  matched-packets number
            -  system-cpu-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
         -  tcam-entries number
      -  last-clear string
      +  statistics-per-entry boolean
   +  ipv6-filter
      +  entry sequence-id number
         +  action
            +  accept
               +  log boolean
               +  rate-limit
                  +  distributed-policer reference
                  +  system-cpu-policer reference
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  icmp6
               +  code number
               +  type (number | keyword)
            +  next-header (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  distributed-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
            -  last-clear string
            -  last-match string
            -  matched-packets number
            -  system-cpu-policer
               -  conforming-octets number
               -  conforming-packets number
               -  exceeding-octets number
               -  exceeding-packets number
         -  tcam-entries number
      -  last-clear string
      +  statistics-per-entry boolean
+  ipv4-filter name string
   +  description string
   +  entry sequence-id number
      +  action
         +  accept
            +  log boolean
         +  drop
            +  log boolean
      +  description string
      +  match
         +  destination-ip
            +  address string
            +  mask string
            +  prefix string
         +  destination-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  first-fragment boolean
         +  fragment boolean
         +  icmp
            +  code number
            +  type (number | keyword)
         +  protocol (number | keyword)
         +  source-ip
            +  address string
            +  mask string
            +  prefix string
         +  source-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  tcp-flags string
      -  statistics
         -  aggregate
            -  in-last-match string
            -  in-matched-packets number
            -  out-last-match string
            -  out-matched-packets number
         -  last-clear string
         -  per-interface
            -  subinterface name string
               -  in-last-match string
               -  in-matched-packets number
               -  last-clear string
               -  out-last-match string
               -  out-matched-packets number
      -  tcam-entries
         -  linecard slot number
            -  input-total number
            -  output-total number
            -  single-instance number
   -  last-clear string
   -  statistics
   +  statistics-per-entry boolean
   +  subinterface-specific keyword
+  ipv6-filter name string
   +  description string
   +  entry sequence-id number
      +  action
         +  accept
            +  log boolean
         +  drop
            +  log boolean
      +  description string
      +  match
         +  destination-ip
            +  address string
            +  mask string
            +  prefix string
         +  destination-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  icmp6
            +  code number
            +  type (number | keyword)
         +  next-header (number | keyword)
         +  source-ip
            +  address string
            +  mask string
            +  prefix string
         +  source-port
            +  operator keyword
            +  range
               +  end (number | keyword)
               +  start (number | keyword)
            +  value (number | keyword)
         +  tcp-flags string
      -  statistics
         -  aggregate
            -  in-last-match string
            -  in-matched-packets number
            -  out-last-match string
            -  out-matched-packets number
         -  last-clear string
         -  per-interface
            -  subinterface name string
               -  in-last-match string
               -  in-matched-packets number
               -  last-clear string
               -  out-last-match string
               -  out-matched-packets number
      -  tcam-entries
         -  linecard slot number
            -  input-total number
            -  output-total number
            -  single-instance number
   -  last-clear string
   -  statistics
   +  statistics-per-entry boolean
   +  subinterface-specific keyword
+  policers
   +  policer name string
      +  entry-specific boolean
      +  max-burst number
      +  peak-rate number
      -  statistics
         -  conforming-octets number
         -  conforming-packets number
         -  exceeding-octets number
         -  exceeding-packets number
         -  last-clear string
   +  system-cpu-policer name string
      +  entry-specific boolean
      +  max-packet-burst number
      +  peak-packet-rate number
      -  statistics
         -  conforming-octets number
         -  conforming-packets number
         -  exceeding-octets number
         -  exceeding-packets number
         -  last-clear string
+  system-filter
   +  ipv4-filter
      +  entry sequence-id number
         +  action
            +  accept
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  first-fragment boolean
            +  fragment boolean
            +  icmp
               +  code number
               +  type (number | keyword)
            +  protocol (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  last-clear string
            -  last-match string
            -  matched-packets number
         -  tcam-entries number
      -  last-clear string
   +  ipv6-filter
      +  entry sequence-id number
         +  action
            +  accept
            +  drop
               +  log boolean
         +  description string
         +  match
            +  destination-ip
               +  address string
               +  mask string
               +  prefix string
            +  destination-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  icmp6
               +  code number
               +  type (number | keyword)
            +  next-header (number | keyword)
            +  source-ip
               +  address string
               +  mask string
               +  prefix string
            +  source-port
               +  operator keyword
               +  range
                  +  end (number | keyword)
                  +  start (number | keyword)
               +  value (number | keyword)
            +  tcp-flags string
         -  statistics
            -  last-clear string
            -  last-match string
            -  matched-packets number
         -  tcam-entries number
      -  last-clear string
+  tcam-profile keyword

acl Descriptions

acl

Description Top level container for configuration and operational state related to access control lists (ACLs)
Contextacl
Treeacl
ConfigurableTrue

sequence-id number

Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl capture-filter ipv4-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A destination port number
Context acl capture-filter ipv4-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

first-fragment boolean

Description

Match the first fragment of an IPv4 datagram

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1. It is not valid to configure this leaf without configuring a match value for the fragment leaf.

Contextacl capture-filter ipv4-filter entry sequence-id number match first-fragment boolean
Treefirst-fragment
ConfigurableTrue

fragment boolean

Description

Match an IPv4 fragment

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1 or if the IPv4 header indicates that the fragment-offset is greater than 0. A packet matches the false condition if it is unfragmented.

Contextacl capture-filter ipv4-filter entry sequence-id number match fragment boolean
Treefragment
ConfigurableTrue

icmp

Description

A packet matches this condition if its ICMP type and code matches one of the specified combinations

The rule should also have a condition that the IP protocol equals 1 (ICMP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv4-filter entry sequence-id number match icmp
Treeicmp
ConfigurableTrue

type (number | keyword)

Description Match a single ICMP type value.
Context acl capture-filter ipv4-filter entry sequence-id number match icmp type (number | keyword)
Treetype
Range0 to 255
Options
  • echo-reply

    ICMP Echo Reply

  • dest-unreachable

    ICMP Destination Unreachable

  • source-quench

    ICMP Source Quench

  • redirect

    ICMP Redirect

  • echo

    ICMP Echo

  • router-advertise

    ICMP Router Advertisement

  • router-solicit

    ICMP Router Solicitation

  • time-exceeded

    ICMP Time Exceeded

  • param-problem

    ICMP Parameter Problem

  • timestamp

    ICMP Timestamp

  • timestamp-reply

    ICMP Timestamp Reply

Configurable True

protocol (number | keyword)

Description An IPv4 packet matches this condition if its IP protocol type field matches the specified value
Contextacl capture-filter ipv4-filter entry sequence-id number match protocol (number | keyword)
Treeprotocol
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

ConfigurableTrue

source-port

Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv4-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl capture-filter ipv4-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A source port number
Context acl capture-filter ipv4-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

sequence-id number

Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl capture-filter ipv6-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A destination port number
Context acl capture-filter ipv6-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

icmp6

Description

A packet matches this condition if its ICMPv6 type and code matches one of the specified combinations

The rule should also have a condition that the next-header value equals 58 (ICMPv6) in order for this to be interpreted correctly.

Contextacl capture-filter ipv6-filter entry sequence-id number match icmp6
Treeicmp6
ConfigurableTrue

type (number | keyword)

Description Match a single ICMPv6 type value
Context acl capture-filter ipv6-filter entry sequence-id number match icmp6 type (number | keyword)
Treetype
Range0 to 255
Options
  • dest-unreachable

    ICMPv6 Destination Unreachable

  • packet-too-big

    ICMPv6 Packet Too Big

  • time-exceeded

    ICMPv6 Time Exceeded

  • param-problem

    Parameter Problem

  • echo-request

    ICMPv6 Echo Request

  • echo-reply

    ICMPv6 Echo Reply

  • mld-query

    Multicast Listener Discovery Query

  • mld-report

    Multicast Listener Discovery Report

  • mld-done

    Multicast Listener Discovery Done

  • router-solicit

    ICMPv6 Router Solicitation

  • router-advertise

    ICMPv6 Router Advertisement

  • neighbor-solicit

    ICMPv6 Neighbor Solicitation

  • neighbor-advertise

    ICMPv6 Neighbor Advertisement

  • redirect

    ICMPv6 Redirect

  • router-renumber

    ICMPv6 Router Renumbering

  • node-info-query

    ICMPv6 Node Information Query

  • node-info-response

    ICMPv6 Node Information Response

  • mld-v2

    Multicast Listener Discovery Version 2

  • mcast-rtr-adv

    Multicast Router Advertisement

  • mcast-rtr-solicit

    Multicast Router Solicitation

  • mcast-rtr-term

    Multicast Router Termination

ConfigurableTrue

next-header (number | keyword)

Description An IPv6 packet matches this condition if its first next-header field (in the IPv6 fixed header) contains the specified value
Contextacl capture-filter ipv6-filter entry sequence-id number match next-header (number | keyword)
Treenext-header
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

ConfigurableTrue

source-port

Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl capture-filter ipv6-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl capture-filter ipv6-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A source port number
Context acl capture-filter ipv6-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

sequence-id number

Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl cpm-filter ipv4-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue

log boolean

Note:

This command is available for the following platforms:

  • 7250 IXR-6

  • 7250 IXR-10

Description

When this is true, a log is created for each packet matching the entry

The log entry contains the following information:

['timestamp', 'filter name', 'filter entry sequence-id', 'incoming linecard', 'action: accept', 'IP protocol', 'packet-length', 'source-IP', 'source-port (TCP/UDP packets)', 'dest-IP', 'dest-port (TCP/UDP packets)', 'icmp-type (ICMP packets)', 'icmp-code (ICMP packets)']

Contextacl cpm-filter ipv4-filter entry sequence-id number action accept log boolean
Treelog
Defaultfalse
ConfigurableTrue

log boolean

Description

When this is true, a log is created for each packet matching the entry

The log entry contains the following information:

['timestamp', 'filter name', 'filter entry sequence-id', 'incoming linecard', 'action: drop', 'IP protocol', 'packet-length', 'source-IP', 'source-port (TCP/UDP packets)', 'dest-IP', 'dest-port (TCP/UDP packets)', 'icmp-type (ICMP packets)', 'icmp-code (ICMP packets)']

Contextacl cpm-filter ipv4-filter entry sequence-id number action drop log boolean
Treelog
Defaultfalse
ConfigurableTrue

destination-port

Description

A packet matches this condition if its destination TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port
Treedestination-port
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A destination port number
Context acl cpm-filter ipv4-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

first-fragment boolean

Description

Match the first fragment of an IPv4 datagram

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1. It is not valid to configure this leaf without configuring a match value for the fragment leaf.

Contextacl cpm-filter ipv4-filter entry sequence-id number match first-fragment boolean
Treefirst-fragment
ConfigurableTrue

fragment boolean

Description

Match an IPv4 fragment

A packet matches the true condition if the IPv4 header indicates that the fragment-offset is zero and and the more-fragments bit is 1 or if the IPv4 header indicates that the fragment-offset is greater than 0. A packet matches the false condition if it is unfragmented.

Contextacl cpm-filter ipv4-filter entry sequence-id number match fragment boolean
Treefragment
ConfigurableTrue

icmp

Description

A packet matches this condition if its ICMP type and code matches one of the specified combinations

The rule should also have a condition that the IP protocol equals 1 (ICMP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv4-filter entry sequence-id number match icmp
Treeicmp
ConfigurableTrue

type (number | keyword)

Description Match a single ICMP type value.
Context acl cpm-filter ipv4-filter entry sequence-id number match icmp type (number | keyword)
Treetype
Range0 to 255
Options
  • echo-reply

    ICMP Echo Reply

  • dest-unreachable

    ICMP Destination Unreachable

  • source-quench

    ICMP Source Quench

  • redirect

    ICMP Redirect

  • echo

    ICMP Echo

  • router-advertise

    ICMP Router Advertisement

  • router-solicit

    ICMP Router Solicitation

  • time-exceeded

    ICMP Time Exceeded

  • param-problem

    ICMP Parameter Problem

  • timestamp

    ICMP Timestamp

  • timestamp-reply

    ICMP Timestamp Reply

Configurable True

protocol (number | keyword)

Description An IPv4 packet matches this condition if its IP protocol type field matches the specified value
Contextacl cpm-filter ipv4-filter entry sequence-id number match protocol (number | keyword)
Treeprotocol
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

ConfigurableTrue

source-port

Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl cpm-filter ipv4-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A source port number
Context acl cpm-filter ipv4-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

sequence-id number

Description A number to indicate the relative evaluation order of the different entries; lower numbered entries are evaluated before higher numbered entries
Contextacl cpm-filter ipv6-filter entry sequence-id number
Range1 to 65535
ConfigurableTrue

log boolean

Note:

This command is available for the following platforms:

  • 7250 IXR-6

  • 7250 IXR-10

Description

When this is true, a log is created for each packet matching the entry

The log entry contains the following information:

['timestamp', 'filter name', 'filter entry sequence-id', 'incoming linecard', 'action: accept', 'IP protocol', 'packet-length', 'source-IP', 'source-port (TCP/UDP packets)', 'dest-IP', 'dest-port (TCP/UDP packets)', 'icmp-type (ICMP packets)', 'icmp-code (ICMP packets)']

Contextacl cpm-filter ipv6-filter entry sequence-id number action accept log boolean
Treelog
Defaultfalse
ConfigurableTrue

log boolean

Description

When this is true, a log is created for each packet matching the entry

The log entry contains the following information:

['timestamp', 'filter name', 'filter entry sequence-id', 'incoming linecard', 'action: drop', 'IP protocol', 'packet-length', 'source-IP', 'source-port (TCP/UDP packets)', 'dest-IP', 'dest-port (TCP/UDP packets)', 'icmp-type (ICMP packets)', 'icmp-code (ICMP packets)']

Contextacl cpm-filter ipv6-filter entry sequence-id number action drop log boolean
Treelog
Defaultfalse
ConfigurableTrue

destination-port

Description

A packet matches this condition if its destination TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port
Treedestination-port
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl cpm-filter ipv6-filter entry sequence-id number match destination-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A destination port number
Context acl cpm-filter ipv6-filter entry sequence-id number match destination-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

icmp6

Description

A packet matches this condition if its ICMPv6 type and code matches one of the specified combinations

The rule should also have a condition that the next-header value equals 58 (ICMPv6) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv6-filter entry sequence-id number match icmp6
Treeicmp6
ConfigurableTrue

type (number | keyword)

Description Match a single ICMPv6 type value
Context acl cpm-filter ipv6-filter entry sequence-id number match icmp6 type (number | keyword)
Treetype
Range0 to 255
Options
  • dest-unreachable

    ICMPv6 Destination Unreachable

  • packet-too-big

    ICMPv6 Packet Too Big

  • time-exceeded

    ICMPv6 Time Exceeded

  • param-problem

    Parameter Problem

  • echo-request

    ICMPv6 Echo Request

  • echo-reply

    ICMPv6 Echo Reply

  • mld-query

    Multicast Listener Discovery Query

  • mld-report

    Multicast Listener Discovery Report

  • mld-done

    Multicast Listener Discovery Done

  • router-solicit

    ICMPv6 Router Solicitation

  • router-advertise

    ICMPv6 Router Advertisement

  • neighbor-solicit

    ICMPv6 Neighbor Solicitation

  • neighbor-advertise

    ICMPv6 Neighbor Advertisement

  • redirect

    ICMPv6 Redirect

  • router-renumber

    ICMPv6 Router Renumbering

  • node-info-query

    ICMPv6 Node Information Query

  • node-info-response

    ICMPv6 Node Information Response

  • mld-v2

    Multicast Listener Discovery Version 2

  • mcast-rtr-adv

    Multicast Router Advertisement

  • mcast-rtr-solicit

    Multicast Router Solicitation

  • mcast-rtr-term

    Multicast Router Termination

ConfigurableTrue

next-header (number | keyword)

Description An IPv6 packet matches this condition if its first next-header field (in the IPv6 fixed header) contains the specified value
Contextacl cpm-filter ipv6-filter entry sequence-id number match next-header (number | keyword)
Treenext-header
Range0 to 255
Options
  • ipv6-hop

    IPv6 hop-by-hop option

  • icmp

    Internet Control Message Protocol

  • igmp

    Internet Group Management Protocol

  • ggp

    Gateway-to-Gateway Protocol

  • ipv4

    IPv4 encapsulation

  • st

    Stream Protocol

  • tcp

    Transmission Control Protocol

  • egp

    Exterior Gateway Protocol

  • igp

    Interior Gateway Protocol

  • udp

    User Datagram Protocol

  • ipv6

    IPv6 encapsulation

  • idrp

    Inter-Domain Routing Protocol

  • rsvp

    Resource Reservation Protocol

  • gre

    Generic Routing Encapsulation

  • esp

    IPSec Encapsulating Security Payload

  • ah

    IPSec Authentication Header

  • icmp6

    IPSec Authentication Header

  • no-next-hdr

    No Next Header for IPv6

  • ipv6-dest-opts

    Destination Options for IPv6

  • eigrp

    Cisco EIGRP

  • pim

    Protocol Independent Multicast

  • vrrp

    Virtual Router Redundancy Protocol

  • l2tp

    Layer Two Tunneling Protocol

  • sctp

    Stream Control Transmission Protocol

  • mpls-in-ip

    MPLS Encapsulation inside IP

  • rohc

    Robust Header Compression

ConfigurableTrue

source-port

Description

A packet matches this condition if its source TCP or UDP port number matches the value or range that is specified

The rule should also have a condition that the IP protocol equals 6 (TCP) or 17 (UDP) in order for this to be interpreted correctly.

Contextacl cpm-filter ipv6-filter entry sequence-id number match source-port
Treesource-port
ConfigurableTrue

end (number | keyword)

Description The ending port number to include in the range
Contextacl cpm-filter ipv6-filter entry sequence-id number match source-port range end (number | keyword)
Treeend
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

start (number | keyword)

Description The starting port number to include in the range
Contextacl cpm-filter ipv6-filter entry sequence-id number match source-port range start (number | keyword)
Treestart
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue

value (number | keyword)

Description A source port number
Context acl cpm-filter ipv6-filter entry sequence-id number match source-port value (number | keyword)
Treevalue
Range0 to 65535
Options
  • acap

    Application Configuration Access Protocol

  • afp-tcp

    Apple Filing Protocol over TCP

  • arns

    A Remote Network Server System

  • asf-rmcp

    ASF Remote Management and Control Protocol & IPMI Remote Management Protocol

  • ashare

    AppleShare IP Web Administration

  • atalk-rm

    AppleTalk Routing Maintenance

  • aurp

    AppleTalk Update-Based Routing Protocol

  • auth

    Authentication Service

  • bfd

    Bidirectional Forwarding Detection Single Hop

  • bfd-echo

    BFD Echo

  • bftp

    Background File Transfer Program

  • bgmp

    Border Gateway Multicast Protocol

  • bgp

    Border Gateway Protocol

  • bootpc

    Bootstrap Protocol (BOOTP) Client and DHCP Client

  • bootps

    Bootstrap Protocol (BOOTP) Server and DHCP Server

  • ccso-ns

    CCSO Nameserver

  • chargen

    Character Generator Protocol (CHARGEN)

  • cisco-tdp

    Cisco Tag Distribution Protocol

  • citadel

    Citadel

  • clearcase

    ClearCase albd

  • commerce

    Commerce Applications

  • courier

    Remote Procedure Call

  • daytime

    Daytime Protocol

  • dhcpv6-client

    DHCPv6 Client

  • dhcpv6-server

    DHCPv6 Server

  • dhcp-failover

    DHCP Failover Protocol

  • dicom

    Digital Imaging and Communications in Medicine

  • discard

    Discard Protocol. Also Wake-on-LAN.

  • dnsix

    DNSIX security protocol auditing

  • domain

    Domain Name System

  • dsp

    Display Support Protocol

  • echo

    Echo Protocol

  • epp

    Extensible Provisioning Protocol

  • esro

    Efficient Short Remote Operations (ESRO)

  • exec

    Remote Process Execution (Rexec)

  • finger

    Finger protocol

  • ftp

    File Transfer Protocol control

  • ftp-data

    File Transfer Protocol data

  • ftps

    FTPS (FTP over SSL/TLS) control

  • ftps-data

    FTPS (FTP over SSL/TLS) data

  • godi

    Group Domain Of Interpretation (GDOI) protocol

  • gopher

    Gopher protocol

  • gtp-c

    GTP control messages (GTP-C)

  • gtp-prime

    GTP prime CDR logging protocol

  • gtp-u

    GTP user data messages (GTP-U)

  • ha-cluster

    Linux-HA high-availability heartbeat

  • hostname

    NIC hostname server

  • hp-alarm-mgr

    HP data alarm manager

  • http

    Hypertext Transfer Protocol

  • http-alt

    FileMaker Web Sharing (HTTP Alternate)

  • http-mgmt

    http-mgmt

  • http-rpc

    Remote procedure call over Hypertext Transfer Protocol

  • https

    Hypertext Transfer Protocol over TLS/SSL

  • ieee-mms-ssl

    IEEE Media Management System over SSL

  • imap

    Internet Message Access Protocol (IMAP)

  • imap3

    Internet Message Access Protocol (IMAP), version 3

  • imaps

    Internet Message Access Protocol over TLS/SSL

  • ipp

    Internet Printing Protocol

  • ipsec

    Internet Protocol Security (IPSec)

  • ipx

    Internetwork Packet Exchange (IPX)

  • irc

    Internet Relay Chat (IRC)

  • iris-beep

    IRIS (Internet Registry Information Service) over BEEP

  • isakmp

    Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)

  • isakmp-nat

    IPSec NAT Traversal

  • iscsi

    iSCSI

  • iso-tsap

    ISO Transport Service Access Point (TSAP) Class 0 protocol

  • kerberos

    Kerberos authentication system

  • kerberos-adm

    Kerberos administration

  • klogin

    Kerberos login

  • kpasswd

    Kerberos Change/Set password

  • kshell

    Kerberos Remote shell

  • l2tp

    Layer 2 Forwarding Protocol (L2F) and Layer 2 Tunneling Protocol (L2TP)

  • ldap

    Lightweight Directory Access Protocol (LDAP)

  • ldaps

    Lightweight Directory Access Protocol over TLS/SSL (LDAPS)

  • ldp

    Label Distribution Protocol

  • lmp

    Link Management Protocol (LMP)

  • login

    rlogin (TCP) or Who (UDP)

  • lpd

    Line Printer Daemon

  • lsp-ping

    MPLS LSP-echo

  • mac-server-adm

    Mac OS X Server administration

  • matip-a

    Mapping of Airline Traffic over Internet Protocol (MATIP) type A

  • matip-b

    Mapping of Airline Traffic over Internet Protocol (MATIP) type B

  • micro-bfd

    BFD session over each LAG member link

  • microsoft-ds

    Microsoft Directory Services

  • mobile-ip

    Mobile IP Agent

  • monitor

    Monitor

  • mpp

    Message posting protocol (MPP)

  • mssql-m

    Microsoft SQL Server database management system (MSSQL) monitor

  • mssql-s

    Microsoft SQL Server database management system (MSSQL) server

  • msdp

    Multicast Source Discovery Protocol

  • ms-exchange

    MS Exchange Routing

  • msp

    Message Send Protocol

  • multihop-bfd

    Bidirectional Forwarding Detection Multi-Hop

  • nas

    Netnews Administration System (NAS)

  • ncp

    NetWare Core Protocol

  • netrjs-1

    NETRJS protocol

  • netrjs-2

    NETRJS protocol

  • netrjs-3

    NETRJS protocol

  • netrjs-4

    NETRJS protocol

  • netbios-data

    NetBIOS Datagram Service

  • netbios-ns

    NetBIOS Name Service

  • netbios-ss

    NetBIOS Session Service

  • netnews

    Netnews

  • netwall

    netwall, for Emergency Broadcasts

  • new-rwho

    new-rwho, new-who

  • nfs

    Network File System (NFS)

  • nntp

    Network News Transfer Protocol (NNTP)

  • nntps

    Network News Transfer Protocol over TLS/SSL (NNTPS)

  • ntp

    Network Time Protocol (NTP)

  • odmr

    On-Demand Mail Relay (ODMR)

  • olsr

    Optimized Link State Routing (OLSR)

  • openvpn

    OpenVPN

  • pim-auto-rp

    PIM Auto-RP

  • pkix-timestamp

    PKIX Time Stamp Protocol (TSP)

  • pop2

    Post Office Protocol, version 2 (POP2)

  • pop3

    Post Office Protocol, version 3 (POP3)

  • pop3s

    Post Office Protocol 3 over TLS/SSL (POP3S)

  • pptp

    Point-to-Point Tunneling Protocol (PPTP)

  • ptp-event

    Precision Time Protocol (PTP) event messages

  • ptp-general

    Precision Time Protocol (PTP) general messages

  • print-srv

    Network PostScript print server

  • qmtp

    Quick Mail Transfer Protocol

  • qotd

    Quote of the Day (QOTD)

  • radius

    RADIUS authentication protocol

  • radius-acct

    RADIUS accounting protocol

  • remote-mail

    Remote Mail Checking Protocol

  • remotefs

    Remotefs, RFS Server

  • remotecmd

    SupportSoft Nexus Remote Command

  • rip

    Routing Information Protocol

  • rje

    Remote Job Entry

  • rlp

    Resource Location Protocol

  • rlzdb

    RLZ DBase

  • rmc

    IBM RMC (Remote monitoring and Control) protocol

  • rmonitor

    rmonitor, Remote Monitor

  • rpc2portmap

    Rpc2portmap

  • rsync

    rsync file synchronization protocol

  • rtelnet

    Remote User Telnet Service (RTelnet)

  • rtsp

    Real Time Streaming Protocol (RTSP)

  • sgmp

    Simple Gateway Monitoring Protocol (SGMP)

  • silc

    Secure Internet Live Conferencing (SILC)

  • smux

    SNMP multiplexing protocol (SMUX)

  • sna-gw

    IBM Systems Network Architecture (SNA) gateway access server

  • snmp

    Simple Network Management Protocol (SNMP)

  • snmp-trap

    SNMP Traps

  • snpp

    Simple Network Paging Protocol (SNPP)

  • smtp

    Simple Mail Transfer Protocol (SMTP)

  • sql-svcs

    Structured Query Language (SQL) Services

  • sql

    Structured Query Language (SQL) Service

  • ssh

    Secure Shell Protocol

  • submission

    Email message submission (SMTP)

  • sunrpc

    Open Network Computing Remote Procedure Call (ONC RPC), also Sun RPC

  • svcloc

    Service Location Protocol (SLP)

  • syslog

    Syslog (UDP) and Remote Shell (TCP)

  • systat

    Active Users (systat service)

  • tacacs

    TACACS Login Host protocol

  • talk

    Talk

  • tcpmux

    TCP Port Service Multiplexer (TCPMUX)

  • tcpnethaspsrv

    tcpnethaspsrv, Aladdin Knowledge Systems Hasp services

  • tftp

    Trivial File Transfer Protocol (TFTP)

  • time

    Time Protocol

  • timed

    Timeserver

  • ups

    Uninterruptible power supply (UPS)

  • xdmcp

    X Display Manager Control Protocol (XDMCP)

  • xns-ch

    Xerox Network Systems (XNS) Clearinghouse (Name Server)

  • xns-mail

    Xerox Network Systems (XNS) Mail

  • xns-time

    Xerox Network Systems (XNS) Time Protocol

  • z3950

    ANSI Z39.50

ConfigurableTrue