Cisco Nexus 5500 Series Command Reference Manual page 212

permit tcp (IPv6)
operator port [port]
portgroup portgroup
Cisco Nexus 5500 Series NX-OS Security Command Reference
198
(Optional) Rule matches only packets that are from a source port or sent to
a destination port that satisfies the conditions of the operator and port
arguments. Whether these arguments apply to a source port or a destination
port depends upon whether you specify them after the source argument or
after the destination argument.
The port argument can be the name or the number of a TCP port. Valid
numbers are integers from 0 to 65535. For listings of valid port names, see
the "TCP Port Names" section in the "Usage Guidelines" section.
A second port argument is required only when the operator argument is a
range.
The operator argument must be one of the following keywords:
eq—Matches only if the port in the packet is equal to the port argument.
•
gt—Matches only if the port in the packet is greater than the port
•
argument.
lt—Matches only if the port in the packet is less than the port argument.
•
neq—Matches only if the port in the packet is not equal to the port
•
argument.
range—Requires two port arguments and matches only if the port in the
•
packet is equal to or greater than the first port argument and equal to or
less than the second port argument.
(Optional) Specifies that the rule matches only packets that are from a source
port or to a destination port that is a member of the IP port-group object
specified by the portgroup argument. Whether the port-group object applies
to a source port or a destination port depends upon whether you specify it
after the source argument or after the destination argument.
Use the object-group ip port command to create and change IP port-group
objects.
Chapter P Commands
OL-27883-02