The service protocol command references the SCTP, TCP, or UDP port or network-layer protocols in the audit policy.
The undo service protocol command cancels the reference to the SCTP, TCP, or UDP port or network-layer protocols in the audit policy.
# Reference the SCTP, TCP, or UDP port in the audit policy. If the port is not specified, the default value is SCTP, TCP or UDP.
service protocol { { 132 | sctp } | { 6 | tcp } | { 17 | udp } } [ source-port { source-port | start-source-port to end-source-port } &<1-64> | destination-port { destination-port | start-destination-port to end-destination-port } &<1-64> ] *
# Cancel the reference of the SCTP, TCP, or UDP port in the audit policy. If the port is not specified, the default value is SCTP, TCP or UDP.
undo service protocol { { 132 | sctp } | { 6 | tcp } | { 17 | udp } } [ source-port { source-port | start-source-port to end-source-port } &<1-64> | destination-port { destination-port | start-destination-port to end-destination-port } &<1-64> ] *
# Reference the ICMP packet type in the audit policy.
service protocol { 1 | icmp } [ icmp-type { icmp-name | icmp-type-number { icmp-code-number [ to icmp-code-number ] } &<1-64> } ]
# Cancel the reference of the ICMP packet type in the audit policy.
undo service protocol { 1 | icmp } [ icmp-type { icmp-name | icmp-type-number { icmp-code-number [ to icmp-code-number ] } &<1-64> } ]
# Reference the ICMPv6 packet type in the audit policy.
service protocol { 58 | icmpv6 } [ icmpv6-type { icmpv6-name | icmpv6-type-number { icmpv6-code-number [ to icmpv6-code-number ] } &<1-64> } ]
# Cancel the reference of the ICMPv6 packet type in the audit policy.
undo service protocol { 58 | icmpv6 } [ icmpv6-type { icmpv6-name | icmpv6-type-number { icmpv6-code-number [ to icmpv6-code-number ] } &<1-64> } ]
# Reference network-layer protocols except 1-ICMP, 6-TCP, 17-UDP, 58-ICMPv6 and 132-SCTP in the audit policy. For detailed mapping, refer to the standard network-layer protocol number list.
service protocol protocol-number
# Cancel the reference of network-layer protocols except 1-ICMP, 6-TCP, 17-UDP, 58-ICMPv6 and 132-SCTP in the audit policy.
undo service protocol protocol-number
| Parameter | Description | Value |
|---|---|---|
| 132 \| sctp | Indicates SCTP. | - |
| 6 \| tcp | Indicates TCP. | - |
| 17 \| udp | Indicates UDP. | - |
| source-port { source-port \| start-source-port to end-source-port } &<1-64> | Specifies the source port or source port range. | The value is an integer ranging from 0 to 65535. A maximum number of 64 source ports or source port ranges can be added to or deleted from an audit policy rule at a time. |
| destination-port { destination-port \| start-destination-port to end-destination-port } &<1-64> | Specifies the destination port or destination port range. | The value is an integer ranging from 0 to 65535. A maximum number of 64 source ports or source port ranges can be added to or deleted from an audit policy rule at a time. |
| 1 \| icmp | Indicates ICMP. | - |
| icmp-type | Indicates the ICMP packet type and message code. | - |
| icmp-name | Specifies the ICMP packet type name. | - |
| icmp-type-number { icmp-code-number [ to icmp-code-number ] } &<1-64> | Specifies the ICMP packet type number and message code. | The value is an integer ranging from 0 to 255. A maximum of 64 groups of ICMP packet type numbers and message codes can be added to or deleted from an audit policy rule at a time. |
| 58 \| icmpv6 | Indicates ICMPv6. | - |
| icmpv6-type | Indicates the ICMPv6 packet type and message code. | - |
| icmpv6-name | Specifies the ICMPv6 packet type name. | - |
| icmpv6-type-number { icmpv6-code-number [ to icmpv6-code-number ] } &<1-64> | Specifies the ICMPv6 packet type number and message code. | The value is an integer ranging from 0 to 255. A maximum of 64 groups of ICMP packet type numbers and message codes can be added to or deleted from an audit policy rule at a time. |
| protocol-number | Specifies the protocol number except 1-ICMP, 6-TCP, 17-UDP, and 58-ICMPv6. | The value is an integer ranging from 0 to 255. |
If you want to reference a port in the audit policy, you can configure a user-defined service set and reference the service set in the audit policy.
If there are not many ports, you can run the service protocol command to reference the port or protocol directly in the audit policy to simplify the configurations.
It is recommended that the configured command contain no more than 500 characters.
# Reference UDP source port 1024 in the audit policy as the policy matching condition.
<sysname> system-view
[sysname] audit-policy
[sysname-policy-audit] rule name policy_audit
[sysname-policy-audit-rule-policy_audit] service protocol udp source-port 1024
# Reference ICMP packet type host-redirect in the audit policy. The host-redirect packet type number is 5 and the message code is 1.
<sysname> system-view
[sysname] audit-policy
[sysname-policy-audit] rule name policy_audit
[sysname-policy-audit-rule-policy_audit] service protocol icmp icmp-type 5 1
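The following Python helper is an added example, not part of the vendor documentation. It renders a list of ports and port ranges into service protocol lines that stay within the documented limits (ports 0 to 65535, at most 64 entries per command, no more than 500 characters per command). The function names are hypothetical, and splitting a long list across several commands assumes that repeated commands accumulate in the same rule.

```python
# Added example: generate "service protocol" lines within the documented limits.
MAX_ITEMS = 64    # &<1-64>: at most 64 ports or port ranges per command
MAX_CHARS = 500   # recommended maximum command length
PROTOCOLS = ("sctp", "tcp", "udp")
DIRECTIONS = ("source-port", "destination-port")


def format_item(item):
    """Render one port (int) or one (start, end) range in CLI syntax."""
    start, end = item if isinstance(item, tuple) else (item, item)
    for port in (start, end):
        if not isinstance(port, int) or not 0 <= port <= 65535:
            raise ValueError(f"port out of range 0-65535: {port!r}")
    if start > end:
        raise ValueError(f"range start exceeds end: {start} to {end}")
    return str(start) if start == end else f"{start} to {end}"


def build_commands(protocol, direction, items):
    """Return the command lines needed to reference every port in items.

    Assumption: issuing several commands in one rule accumulates the ports,
    so an oversized list can be split across commands.
    """
    if protocol not in PROTOCOLS:
        raise ValueError(f"unsupported protocol: {protocol!r}")
    if direction not in DIRECTIONS:
        raise ValueError(f"unsupported keyword: {direction!r}")
    prefix = f"service protocol {protocol} {direction}"
    commands, current = [], []
    for text in map(format_item, items):
        candidate = " ".join([prefix, *current, text])
        # Start a new command when either limit would be exceeded.
        if current and (len(current) == MAX_ITEMS or len(candidate) > MAX_CHARS):
            commands.append(" ".join([prefix, *current]))
            current = []
        current.append(text)
    if current:
        commands.append(" ".join([prefix, *current]))
    return commands


if __name__ == "__main__":
    # Constructed sample input: one single port and two ranges.
    sample = [53, (1024, 2047), (8000, 8080)]
    for line in build_commands("udp", "destination-port", sample):
        print(line)
```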