TMS zl Management and Configuration Guide ST.1.2.100916
Command-Line Reference
Global Configuration Context
To configure (or delete) a port map, enter the following command:
Syntax: [no] port-map <service> < tcp | udp > <port>
Replace <service> with the name of the service for which you are creating
the map.
Replace <port> with the port on which the firewall and IDS/IPS will expect the
service.
Available services are listed in Table A-29.
Table A-29. Services Available
For example, to add a port map for HTTP over TCP through port 9000, enter
the following command:
hostswitch(tms-module-<slot ID>)# port-map http tcp 9000
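The following added example (not part of the original guide or the product) checks a list of port-map commands against the syntax and Table A-29 above and reports which maps remain active. The function name, the case-insensitive matching of service names, the 1-65535 port range, and the slot ID in the sample prompt are assumptions.

```python
import re

# Service names exactly as listed in Table A-29 on this page.
SERVICES = {"FTP", "HTTP", "IMAP", "NNTP", "POP3", "RSTP", "SMTP", "TCPDNS",
            "TCPRPC", "TCPSIP", "TELNET", "UDPDNS", "UDPRPC", "UDPSIP"}

# Syntax from the page: [no] port-map <service> < tcp | udp > <port>
PORT_MAP = re.compile(r"^(no\s+)?port-map\s+(\S+)\s+(\S+)\s+([0-9]+)$", re.I)


def audit_port_maps(config_text):
    """Apply port-map lines in order; return (active maps, rejected lines)."""
    active, errors = set(), []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        # Drop a leading CLI prompt such as "hostswitch(tms-module-C)# ".
        line = raw.strip().split("# ", 1)[-1]
        if "port-map" not in line.lower():
            continue  # some other command; out of scope for this check
        m = PORT_MAP.match(line)
        if not m:
            errors.append((lineno, "does not match the port-map syntax"))
            continue
        negate, service, transport, port = m.groups()
        entry = (service.upper(), transport.lower(), int(port))
        if entry[0] not in SERVICES:
            errors.append((lineno, f"unknown service {service!r}"))
        elif entry[1] not in ("tcp", "udp"):
            errors.append((lineno, f"transport {transport!r} is not tcp or udp"))
        elif not 1 <= entry[2] <= 65535:  # assumed valid range, not from the page
            errors.append((lineno, f"port {port} is outside 1-65535"))
        elif negate:
            active.discard(entry)  # "no port-map ..." deletes the map
        else:
            active.add(entry)
    return active, errors


# Constructed sample input, not taken from a real device.
SAMPLE = """\
hostswitch(tms-module-C)# port-map http tcp 9000
port-map smtp tcp 2525
port-map https tcp 8443
port-map ftp tcp 70000
no port-map smtp tcp 2525
"""

if __name__ == "__main__":
    maps, problems = audit_port_maps(SAMPLE)
    print("active:", sorted(maps), "rejected:", problems)
```

Reviewing the active set after each change shows which non-standard ports the firewall and IDS/IPS will treat as carrying a given service.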
port-trigger
Use this command to create policies that enable the module’s firewall to
monitor dynamically negotiated ports.
To create a port trigger policy, type the following command:
Syntax: port-trigger <policy name> <target address> <protocol>
< inbound | outbound > < tcp | udp > < port | range <start port> <end port> >
[enable | disable | allow-any-inbound]
Replace <policy name> with the name you want to assign to the policy. It is
good practice to specify a policy name that reflects the services involved in
the trigger.
Replace <target address> with one of the following options:
• any
• <IP address>
• address <address object>
Replace <protocol> with one of the following options:
• < tcp | udp > < port | range <start port> <end port> >
Table A-29. Services Available (for the port-map command)
FTP      HTTP     IMAP     NNTP
POP3     RSTP     SMTP     TCPDNS
TCPRPC   TCPSIP   TELNET   UDPDNS
UDPRPC   UDPSIP