< Home

service protocol (service set object view)

Function

The service protocol command adds items to a user-defined service set of the object type.

The undo service command deletes items from a user-defined service set.

Format

Add items for the service object.

  • For TCP, SCTP or UDP:

    service [ id ] protocol protocol [ source-port { src-port-number-1 [ to src-port-number-2 ] } &<1-64> | destination-port { dst-port-number-1 [ to dst-port-number-2 ] } &<1-64> ] * [ description description ]

  • For ICMP:

    service [ id ] protocol protocol [ icmp-type { icmp-type-name | icmp-type-number { icmp-code [ to icmpv-code1 ] } &<1-64> } ] [ description description ]

  • For ICMPv6:

    service [ id ] protocol protocol [ icmpv6-type { icmpv6-type-name | icmpv6-type-number { icmpv6-code [ to icmpv6-code1 ] } &<1-64> } ] [ description description ]

  • For other protocols:

    service [ id ] protocol protocol [ description description ]

Delete items for the service object.

undo service id [ protocol { udp | tcp | sctp } { source-port { src-port-number-1 [ to src-port-number-2 ] } &<1-64> | destination-port { dst-port-number-1 [ to dst-port-number-2 ] } &<1-64> } * ]

Parameters

Parameter Description Value
id Specifies the ID of an item in a user-defined service set. The value is an integer. For the range value, see
  • USG6510E/6510E-POE: The value is from 0 to 255
  • USG6530E: The value is from 0 to 255
  • USG6515E: The value is from 0 to 255
  • USG6525E: The value is from 0 to 255
  • USG6550E/6560E/6580E: The value is from 0 to 255
  • USG6555E/6565E/6575E-B/6585E/6605E-B: The value is from 0 to 255
  • USG6610E/6620E: The value is from 0 to 511
  • USG6615E/6625E: The value is from 0 to 511
  • USG6635E/6655E: The value is from 0 to 511
  • USG6630E: The value is from 0 to 511
  • USG6650E: The value is from 0 to 511
  • USG6680E: The value is from 0 to 511
  • USG6712E/6716E: The value is from 0 to 511
protocol protocol

Specifies the protocol by protocol name or protocol number.

 It can be an integer ranging from 0 to 255 or a string, such as icmp, icmpv6, tcp, udp, and sctp, with the protocol ID being 1, 58, 6, 17, and 132.
udp Indicates the User Datagram Protocol (UDP). -
tcp Indicates the Transmission Control Protocol (TCP). -
sctp Indicates the Stream Control Transmission Protocol (SCTP). -
source-port { src-port-number-1 [ to src-port-number-2 ] } Indicates the source port range.
  • The value of the start source port is an integer ranging from 0 to 65535.
  • The value of the end source port is an integer ranging from 0 to 65535.
destination-port { dst-port-number-1 [ to dst-port-number-2 ] } Indicates the destination port range.
  • The value of the start destination port is an integer ranging from 0 to 65535.
  • The value of the end destination port is an integer ranging from 0 to 65535.
description description Specifies the description of the item in the user-defined service set. The value is a string of 1 to 64 characters without spaces.
icmp-type icmp-type-name Specifies the ICMP packet type name. This parameter applies only to ICMP. If no parameters are set, all ICMP messages will be matched. For icmp-type-name values, see Table 1.
icmp-type icmp-type-number icmp-code [ to icmpv-code1 ] Specifies the ICMP packet type number and ICMP message code or code range. This parameter applies only to ICMP. If no parameters are set, all ICMP messages will be matched. For icmp-type-number and icmp-code values, see Table 1.
icmpv6-type icmpv6-type-name Specifies the ICMPv6 packet type name. This parameter applies only to ICMPv6. If no parameters are set, all ICMPv6 messages will be matched. For icmp-type-name values, see Table 2.
icmpv6-type icmpv6-type-number icmpv6-code [ to icmpv6-code1 ] Specifies the ICMPv6 packet type number and ICMPv6 message code or code range. This parameter applies only to ICMPv6. If no parameters are set, all ICMPv6 messages will be matched. For icmp-type-number and icmp-code values, see Table 2.
Table 1 Relationship between icmp-type-name, icmp-type-number and icmp-code

icmp-type-name

icmp-type-number

icmp-code

Echo

8

0

Echo-reply

0

0

Parameter-problem

12

0

Port-unreachable

3

3

Protocol-unreachable

3

2

Reassembly-timeout

11

1

Source-quench

4

0

Source-route-failed

3

5

Timestamp-reply

14

0

Timestamp-request

13

0

Ttl-exceeded

11

0

Fragmentneed-DFset

3

4

Host-redirect

5

1

Host-tos-redirect

5

3

Host-unreachable

3

1

Information-reply

16

0

Information-request

15

0

Net-redirect

5

0

Net-tos-redirect

5

2

Net-unreachable

3

0
Table 2 Relationship between icmpv6-type-name, icmpv6-type-number and icmpv6-code

icmpv6-type-name

icmpv6-type-number

icmpv6-code

Redirect

137

0

Echo

128

0

Echo-reply

129

0

Err-Header-field

4

0

Frag-time-exceeded

3

1

Hop-limit-exceeded

3

0

Host-admin-prohib

1

1

Host-unreachable

1

3

Neighbor-advertisement

136

0

Neighbor-solicitation

135

0

Network-unreachable

1

0

Packet-too-big

2

0

Port-unreachable

1

4

Router-advertisement

134

0

Router-solicitation

133

0

Unknown-ipv6-opt

4

2

Unknown-next-hdr

4

1

Views

Service set object view

Default Level

2: Configuration level

Usage Guidelines

An ID is the unique identifier of an item in a service set. If no ID is specified, the system automatically assigns an ID to each item.

Example

# Add an item to user-defined service set set1 and configure the protocol, source port number, and destination port number for the item.

<sysname> system-view
[sysname] ip service-set set1 type object
[sysname-object-service-set-set1] service protocol tcp source-port 8000 destination-port 7000
Parent Topic: Service and Service Group Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic