Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
861862863864865866867868869870
A-63
Threat Management Services zl Module Command-Line Reference
Global Configuration Context
port-map
This command allows you to configure port maps so that your firewall and
IPS/IDS know which type of traffic is expected on which ports.
To configure a port map, enter the following command:
Syntax: [no] port-map <service> < tcp | udp > <port>
Replace <services> with the name of the service for which you are creating
the map.
Replace <port> with the port to which the firewall and IDS/IPS will expect
the service.
Available services are listed in Table A-20.
Table A-20. Services Available
For example, to add a port map for HTTP over TCP through port 9000, enter
the following command:
ProCurve(tms-module-<slot ID>)# port-map http tcp 9000
port-trigger
Use this command to create policies that enable the module’s firewall to
monitor dynamically negotiated ports.
To create a port trigger policy, type the following command:
Syntax: port-trigger <policy name> <target address> <protocol>
< inbound | outbound > < tcp | udp > < port | range <start port> <end port> > [enable
| disable | allow-any-inbound]
Replace <policy name> with the name you want to assign to the policy. It is
good practice to specify a policy name that reflects the services involved in
the trigger.
FTP HTTP IMAP NNTP
POP3 RSTP SMTP TCPDNS
TCPRPC TCPSIP TELNET UDPDNS
UDPRPC UDPSIP