Chapter 3. Command Reference

conf t firewall service

Use configure terminal firewall service to configure the services that are used by the firewall rules.

 

remove service-name

 

deletes a service.

 

update service-name< tcp udp icmp esp ah gre igmp ipcomp number >

 

[port port-number [to port-number] ]

 

creates a service or updates an existing service.

 

 

 

Using conf t firewall service

configure a

Use configure terminal firewall service to create a service for an arbitrary IP protocol. In this

service for an

example, a service called 'ospf' is created for IP protocol 89:

IP protocol

 

 

hostname# conf t firewall service update ospf 89

create a

Use configure terminal firewall service update to create a service that will be used by a firewall rule.

service

In this example, a service called 'Telnet' is created for TCP port 23:

 

hostname# conf t firewall service update Telnet tcp port 23

 

 

 

conf t firewall service-group

 

The configure terminal firewall service-group command groups services together.

 

add-servicegroup-name service-name

 

adds a service to an existing service group.

 

remove group-name

 

deletes a service group.

 

remove-servicegroup-name service-name

 

deletes a service from a service group.

 

update group-name service-name

 

creates or updates a service group. You can enter multiple service names.

 

 

 

Using conf t firewall service-group

create/update

Use configure terminal firewall service-group update to create or update a service group. In this

a service

example, a service group called ‘group1’ is created, and includes Telnet and rlogin:

group

 

 

hostname# conf t firewall service-group update group1 Telnet rlogin

48 X Family CLI Reference V 2.5.1