R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

521

522

523

524

525

526

527

528

529

530

509

range port1 port2: Configures a port object with a port range starting with port1 and ending with port2.

The value range for the port1 and port2 arguments is 0 to 65535.

group-object object-group-name: Specifies a port object group to be referenced by its name, a

case-insensitive string of 1 to 31 characters.

Usage guidelines

This command fails if you use it to configure or change a port object to be identical with an existing

object.

This command creates a port object if the specified object ID does not exist. Otherwise, the command

overwrites the configuration of the specified object.

When you use the lt port option, follow these guidelines:

• The value of port cannot be 0.

• If the value of port is 1, the system configures the object with a port number of 0.

• If the value of port is in the range of 2 to 65535, the system configures the object with a port number

range of [0, port–1].

When you use the gt port option, follow these guidelines:

• The value of port cannot be 65535.

• If the value of port is 65534, the system configures the object with a port number of 65535.

• If the value of port is in the range of 0 to 65533, the system configures the object with a port number

range of [port+1, 65535].

When you use the range port1 port2 option, follow these guidelines:

• If port1 is equal to port2, the system configures the object with the port number port1.

• If port1 is smaller than port2, the system configures the object with the port number range.

• If port1 is greater than port2, the system changes the range to [port2, port1] and configures the

object with the changed port number range.

When you use the group-object object-group-name option, follow these guidelines:

• The object group to be referenced must be a port object group.

• If the specified object group does not exist, the system creates a port object group with the name

you specified and references the object group for the object.

• Two object groups cannot reference each other at the same time.

• The system supports up to five reference hierarchy layers. For example, if groups 1, 2, 3, 4, and 5

use groups 2, 3, 4, 5, and 6, respectively, gro

up 6 cannot use another group and group 1 cannot

be used by another group.

Examples

# Configure a port object with a port number of 100.

<Sysname> system-view

[Sysname] object-group port portgroup

[Sysname-obj-grp-port-portgroup] port eq 100

# Configure a port object with a port number smaller than 20.

<Sysname> system-view

[Sysname] object-group port portgroup

[Sysname-obj-grp-port-portgroup] port lt 20

# Configure a port object with a port number greater than 60000.