security firewall port-listΒΆ

security firewall port-list(1)			  BIG-IP TMSH Manual		       security firewall port-list(1)

NAME
       port-list - Configures a port-list for use by firewall rules. A firewall rule can match a packet's source port
       or destination port against one of the ports in a port list, and can take some action (such as ACCEPT or DROP)
       for a matching packet.

MODULE
       security firewall

SYNTAX
   CREATE/MODIFY
	create port-list [name]
	modify port-list [[name] | all]
	 options:
	  app-service [name]
	  description [string]
	  ports [add | delete | modify | replace-all-with] {
	   [ [port] | [port] - [port] ]
	  }

	edit port-list [[name] | all]
	  options:
	    all-properties
	    non-default-properties

   DISPLAY
	list port-list [[name] | all | [property]]
	show running-config port-list [[name] | all | [property]]

   DELETE
	delete port-list [[name] | all]

DESCRIPTION
       You can use the port-list component to define reusable lists of ports for various firewall rules. The network
       software compares a packet's source port and/or destination port against ports in this list. You can assign a
       port list to the firewall rules in net self, net route-domain, security firewall global-rules, security
       firewall rule-list, sys management-ip, and ltm virtual firewall rules.

EXAMPLES
       create port-list p-list1 ports add { 80 }

       Creates a new port list with one entry.

	list port-list
	security firewall port-list _sys_self_allow_tcp_defaults {
	   ports {
	       domain { }
	       f5-iquery { }
	       https { }
	       snmp { }
	       ssh { }
	   }
	}
	security firewall port-list _sys_self_allow_udp_defaults {
	   ports {
	       520 { }
	       cap { }
	       domain { }
	       f5-iquery { }
	       snmp { }
	   }
	}
	security firewall port-list p-list1 {
	   ports {
	       http { }
	   }
	}

       Shows all the port lists, including the one created in the previous example.

OPTIONS
       app-service
	    Associates this port list with a particular Application Service. An Application Service is a major
	    component of an iApp, an advanced configuration tool for creating and maintaining similar applications on
	    multiple servers. The asm module has components for working with iApps.

       description
	    Your description for the port list.

       ports
	    Specifies a list of ports to compare against a packet's source or destination port. Use one of the
	    keywords below and then specify the port(s) to add or delete. Specify ranges of ports with a dash between
	    the two ends of the range (for example, 80-88).

	    add  Creates a new port list, which you specify next with port numbers in curly braces ({}).

	    delete
		 Deletes the port(s) that you specify next, in curly braces ({}).

	    modify
		 Is not supported for this component.

	    replace-all-with
		 Replaces the current set of ports with the port(s) that you specify next, in curly braces ({}).

SEE ALSO
       edit, list, modify, net self, net route-domain, security firewall address-list, security firewall rule-list,
       security firewall global-rules, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or
       mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
       other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2008, 2012-2013, 2016. All rights reserved.

BIG-IP						      2016-03-14		       security firewall port-list(1)