< Home

service (security policy rule view)

Function

The service command configures services to which a security policy rule applies.

The undo service command deletes services to which a security policy rule applies.

Format

service { service-name &<1-6> | any }

undo service { service-name &<1-6> | all }

Parameters

Parameter Description Value
service-name &<1-6> Specifies the name of a service or service group. The specified service or service group must exist. You can add or delete a maximum of six services or service groups at a time.
any Indicates any service to which a security policy rule applies. -
all Deletes all services to which a security policy rule applies. -

Views

Security policy rule view

Default Level

2: Configuration level

Usage Guidelines

The service/service group referenced in a security policy can be either a predefined service or user-defined service/service group. You can use the ip service-set command to configure user-defined services/service groups. The system provides predefined services. You can run the display predefined-service command to display details on predefined services.

The security policies cannot reference the predefined services with dynamic ports, namely, the predefined services whose port is identified as dynamic port.

Example

# Apply security policy rule policy_sec to service h323.

<sysname> system-view
[sysname] security-policy
[sysname-policy-security] rule name policy_sec
[sysname-policy-security-rule-policy_sec] service h323
Parent Topic: Security Policy Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >