PortRange statement
Use the PortRange statement to encapsulate a single port or range of ports. It can be referenced from any statement that allows for a set specification of ports.
Syntax
>>-PortRange--+------+------------------------------------------> '-name-' >--| Put Braces and Parameters on Separate Lines |------------->< Put Braces and Parameters on Separate Lines |--+-{-----------------+----------------------------------------| +---Port--+-n---+---+ | '-n m-' | '-}-----------------'
Parameters
- name
- A string 1 - 32 characters in length specifying the name of this
PortRange statement.
Rule: If this PortRange statement is not specified inline within another statement, a name value must be provided. If a name is not specified for an inline PortRange statement, a nonpersistent system name is created.
- Port
- A single port or range of ports.
Valid values for n are in the range 0 - 65 535. If 0 is specified for n, then any port can be used. If n is specified as the beginning value for a range, then 0 is not a valid value.
If an m value is specified, it must be greater than or equal to n and less than 65 536.
Rule: Include a blank, a colon (:), or a dash (-) as a delimiter.
Restrictions:
- For IDSAttackCondition the only valid port values for n are 1 - 65 535.
- PortRange is available for use only with IDS configuration and AT-TLS policies.