Setup guide
0 U 0.0.0.0:5678 255.255.255.255:5678 udp 1s
1 U 1.1.1.1:49679 255.255.255.255:69 udp 11s
2 U 1.1.1.1:56635 255.255.255.255:69 udp 27s
3 A 10.1.0.128:2413 10.10.1.1:23 tcp established 4d22h24m14s
4 U 10.1.0.157:5678 255.255.255.255:5678 udp 0s
5 U 10.1.0.172:5678 255.255.255.255:5678 udp 24s
6 U 10.1.0.175:5678 255.255.255.255:5678 udp 25s
7 U 10.1.0.209:5678 255.255.255.255:5678 udp 25s
8 U 10.1.0.212:5678 255.255.255.255:5678 udp 22s
9 A 10.5.7.242:32846 10.10.1.1:23 tcp established 4d23h59m59s
10 A 10.5.7.242:32933 10.10.1.1:23 tcp established 4d23h59m59s
11 U 10.10.1.11:5678 255.255.255.255:5678 udp 12s
12 U 10.10.10.1:5678 255.255.255.255:5678 udp 24s
[admin@test_1] ip firewall connection>
Service Ports
ip firewall service-port
Description
Some network protocols require direct two-sided connection between endpoints. This is not always
possible, as network address translation is widely used to connect clients to the network. This
submenu allows to configure Connection Tracking 'helpers' for above mentioned protocols. These
'helpers' are used to provide correct NAT traversal.
Property Description
name - protocol name
ports (read-only: integer) - port range that is used by the protocol
Example
Suppose we want to disable h323service port:
[admin@test_1] ip firewall service-port> set h323 disabled=yes
[admin@test_1] ip firewall service-port> print
Flags: X - disabled
# NAME PORTS
0 ftp 21
1 pptp
2 gre
3 X h323
4 mms
5 irc 6667
6 quake3
[admin@test_1] ip firewall service-port>
Packet Marking (Mangle)