security firewall port-listΒΆ

security firewall port-list(1)BIG-IP TMSH Manualsecurity firewall port-list(1)



NAME
       port-list - Configures a port-list for use by firewall rules. A
       firewall rule can match a packet's source port or destination port
       against one of the ports in a port list, and can take some action (such
       as ACCEPT or DROP) for a matching packet.

MODULE
       security firewall

SYNTAX
   CREATE/MODIFY
	create port-list [name]
	modify port-list [[name] | all]
	 options:
	  app-service [name]
	  description [string]
	  ports [add | delete | modify | replace-all-with] {
	   [ [port] | [port] - [port] ]
	  }

	edit port-list [[name] | all]
	  options:
	    all-properties
	    non-default-properties

   DISPLAY
	list port-list [[name] | all | [property]]
	show running-config port-list [[name] | all | [property]]

   DELETE
	delete port-list [[name] | all]

DESCRIPTION
       You can use the port-list component to define reusable lists of ports
       for various firewall rules. The network software compares a packet's
       source port and/or destination port against ports in this list. You can
       assign a port list to the firewall rules in net self, net route-domain,
       security firewall global-rules, security firewall rule-list, sys
       management-ip, and ltm virtual firewall rules.

EXAMPLES
       create port-list p-list1 ports add { 80 }

       Creates a new port list with one entry.

	list port-list
	security firewall port-list _sys_self_allow_tcp_defaults {
	   ports {
	       domain { }
	       f5-iquery { }
	       https { }
	       snmp { }
	       ssh { }
	   }
	}
	security firewall port-list _sys_self_allow_udp_defaults {
	   ports {
	       520 { }
	       cap { }
	       domain { }
	       f5-iquery { }
	       snmp { }
	   }
	}
	security firewall port-list p-list1 {
	   ports {
	       http { }
	   }
	}

       Shows all the port lists, including the one created in the previous
       example.

OPTIONS
       app-service
	    Associates this port list with a particular Application Service.
	    An Application Service is a major component of an iApp, an
	    advanced configuration tool for creating and maintaining similar
	    applications on multiple servers. The asm module has components
	    for working with iApps.

       description
	    Your description for the port list.

       ports
	    Specifies a list of ports to compare against a packet's source or
	    destination port. Use one of the keywords below and then specify
	    the port(s) to add or delete. Specify ranges of ports with a dash
	    between the two ends of the range (for example, 80-88).

	    add  Creates a new port list, which you specify next with port
		 numbers in curly braces ({}).

	    delete
		 Deletes the port(s) that you specify next, in curly braces
		 ({}).

	    modify
		 Is not supported for this component.

	    replace-all-with
		 Replaces the current set of ports with the port(s) that you
		 specify next, in curly braces ({}).

SEE ALSO
       edit, list, modify, net self, net route-domain, security firewall
       address-list, security firewall rule-list, security firewall global-
       rules, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2008, 2012-2013, 2016. All rights
       reserved.



BIG-IP				  2016-03-14	security firewall port-list(1)