service protocol (NAT policy rule view)
Function
The service protocol command references the TCP/UDP/SCTP port or Internet-layer protocols in the NAT policy rule.
The undo service protocol command cancels the reference of the TCP/UDP/SCTP port or protocol in the NAT policy rule.
Format
# Reference a TCP/UDP/SCTP port in the NAT policy rule. If the port is not specified, the default value is TCP/UDP/SCTP.
service protocol { { 17 | udp } | { 6 | tcp } | { 132 | sctp } [ source-port { source-port | start-source-port to end-source-port } &<1-64> | destination-port { destination-port | start-destination-port to end-destination-port } &<1-64> ] *
# Cancel the reference of TCP/UDP/SCTP port in the NAT policy rule.
undo service protocol { { 17 | udp } | { 6 | tcp } { 132 | sctp } [ source-port { source-port | start-source-port to end-source-port } &<1-64> | destination-port { destination-port | start-destination-port to end-destination-port } &<1-64> ] *
# Reference the ICMP packet type in the NAT policy rule.
service protocol { 1 | icmp } [ icmp-type { icmp-name | icmp-type-number { icmp-code-number [ to icmp-code-number ] } &<1-64> } ]
# Cancel the reference of the ICMP packet type in the NAT policy rule.
undo service protocol { 1 | icmp } [ icmp-type { icmp-name | icmp-type-number { icmp-code-number [ to icmp-code-number ] } &<1-64> } ]
# Reference the ICMPv6 packet type in the NAT policy rule.
service protocol { 58 | icmpv6 } [ icmpv6-type { icmpv6-name | icmpv6-type-number { icmpv6-code-number [ to icmpv6-code-number ] } &<1-64> } ]
# Cancel the reference of the ICMPv6 packet type in the NAT policy rule.
undo service protocol { 58 | icmpv6 } [ icmpv6-type { icmpv6-name | icmpv6-type-number { icmpv6-code-number [ to icmpv6-code-number ] } &<1-64> } ]
# Reference protocols except 1-ICMP, 6-TCP, 17-UDP, 58-ICMPv6, and 132-SCTP in the NAT policy rule. For detailed mapping, refer to the standard protocol number list.
service protocol protocol-number
# Cancel the reference of protocols except 1-ICMP, 6-TCP, 17-UDP, 58-ICMPv6, and 132-SCTP in the NAT policy rule.
undo service protocol protocol-number
Parameters
| Parameter | Description | Value |
|---|---|---|
| 17 | udp | Indicates UDP. | - |
| 6 | tcp | Indicates TCP. | - |
| 132 | sctp | Indicates SCTP. | - |
| source-port { source-port | start-source-port to end-source-port } | Specifies the source port or source port range. |
The value is an integer ranging from 0 to 65535. |
| destination-port { destination-port | start-destination-port to end-destination-port } | Specifies the destination port or destination port range. |
The value is an integer ranging from 0 to 65535. |
| 1 | icmp | Indicates ICMP. |
- |
| icmp-type | Indicates the ICMP packet type and message code. |
- |
| icmp-name | Specifies the ICMP packet type name. |
- |
| icmp-type-number { icmp-code-number [ to icmp-code-number ] } &<1-64> | Specifies the ICMP packet type number and message code. |
The value is an integer ranging from 0 to 255. A maximum of 64 groups of ICMP packet type numbers and message codes can be added to or deleted from a security policy rule at a time. |
| 58 | icmpv6 | Indicates ICMPv6. |
- |
| icmpv6-type | Indicates the ICMPv6 packet type and message code. |
- |
| icmpv6-name | Specifies the ICMPv6 packet type name. |
- |
| icmpv6-type-number { icmpv6-code-number [ to icmpv6-code-number ] } &<1-64> | Specifies the ICMPv6 packet type number and message code. |
The value is an integer ranging from 0 to 255. A maximum of 64 groups of ICMP packet type numbers and message codes can be added to or deleted from a security policy rule at a time. |
| protocol-number | Specifies the protocol number except 1-ICMP, 6-TCP, 17-UDP, 58-ICMPv6, and 132-SCTP. |
The value is an integer ranging from 0 to 255. |
