display nat-policy rule { all [ slot slot-id cpu cpu-id ] | name rule-name }
display nat-policy rule [ verbose ] { source-zone { source-zone-name | any } | destination-zone { destination-zone-name | any } | { source { source-ip-address | any } | destination { destination-ip-address | any } } | protocol { { tcp | udp | sctp } [ source-port source-port | destination-port destination-port ]* | icmp | protocol-number | any } }*
| Parameter | Description | Value |
|---|---|---|
all |
Displays the configurations of all NAT policy rules. |
- |
slot slot-id |
Specifies the slot number. Only the USG6635E/6655E, USG6680E and USG6712E/6716E support this parameter. |
- |
cpu cpu-id |
Specifies the CPU ID. Only the USG6635E/6655E, USG6680E and USG6712E/6716E support this parameter. |
- |
name rule-name |
Displays the configurations of a specified NAT policy rule. |
The policy rule must exist. The value is a case-sensitive character string. The length of a name without spaces ranges from 1 to 32 characters. The length of a name with spaces ranges from 3 to 34 characters. If a name contains spaces, the name must be enclosed with quotation marks (for example, "user for test"). The name cannot contain any question marks (?), commas (,), or quotation marks ("). |
verbose |
Indicates detailed information about a NAT policy rule. |
- |
source-zone source-zone-name |
Specifies the source zone of a NAT policy rule. |
- |
destination-zone destination-zone-name |
Specifies the destination zone of a NAT policy rule. |
- |
source source-ip-address |
Specifies the source address configured in a NAT policy rule. |
The value can be an IPv4 or IPv6 address. |
destination destination-ip-address |
Specifies the destination address configured in a NAT policy rule. |
The value can be an IPv4 or IPv6 address. |
protocol |
Indicates a connection protocol. |
- |
any |
Indicates any source security zone, destination security zone, source address, destination address, or protocol in a NAT policy rule. |
- |
tcp |
Indicates the Transmission Control Protocol (TCP). |
- |
udp |
Indicates the User Datagram Protocol (UDP). |
- |
sctp |
Indicates the Stream Control Transmission Protocol (SCTP). |
- |
icmp |
Indicates the Internet Control Message Protocol (ICMP). |
- |
protocol-number |
Indicates the protocol number except 1-ICMP, 6-TCP, and 17-UDP. |
The value is an integer ranging from 0 to 255. |
source-port source-port |
Specifies the source port configured in a NAT policy rule. |
The value is an integer ranging from 0 to 65535. |
destination-port destination-port |
Specifies the destination port configured in a NAT policy rule. |
The value is an integer ranging from 0 to 65535. |
# Display the configuration of a NAT policy rule named abc.
<sysname> display nat-policy rule name abc
(3 times matched)
rule name abc
source-zone trust
destination-zone trust
action source-nat address-group abc
# Display the configurations of all NAT policy rules.
<sysname> display nat-policy rule all Total:3 RULE ID RULE NAME STATE ACTION HITS ----------------------------------------------------------------------- 1 test disable no-nat 0 2 abc enable source-nat 5 0 default enable no-nat 0 ----------------------------------------------------------------------
# Display the configuration of the NAT policy rule with the source security zone being Trust.
<sysname> display nat-policy rule source-zone trust Total:3 RULE ID RULE NAME STATE ACTION HITS ----------------------------------------------------------------------- 1 test disable no-nat 0 2 abc enable source-nat 5 0 default enable no-nat 0 ----------------------------------------------------------------------
Item |
Description |
|---|---|
Total |
Total number of NAT policy rules |
RULE ID |
ID of the NAT policy rule |
RULE NAME |
Name of a NAT policy rule |
STATE |
NAT policy rule status:
|
ACTION |
NAT policy rule action:
|
HITS |
Number of times traffic matches a NAT policy rule |