Table of Contents
Advertisement
Firewall Feature Set Commands
Syntax of the "no" Form
The no form of this command sets the default RPC timeout value:
no ip firewall rpc timeout
Default
5 seconds
Mode
Global configuration:
Example
The following example resets the Microsoft RPC idle timeout interval to 10 minutes:
XSR(config)#ip firewall rpc microsoft-rpc timeout 6000
ip firewall service
This command defines a service object which reflects an application, its transport protocol (TCP or
UDP), protocol type and port number ranges. The XSR supports a number of pre‐defined services
which can be viewed with
policy objects or you can add your own service. Intrinsic services ANY_TCP and ANY_UDP are
available for all TCP or UDP ports.
A service is comprised of a source and destination port range, and protocol. For flexibility, port
ranges can be specified using qualifiers such as eq, lt and gt which are also available for
configuring access lists.
A name for any firewall object must use these alpha‐numeric characters only:
case),
Syntax
ip firewall service name <source-port-range> <dest-port-range> <protocol>
ip firewall service name {eq <0-65535> | gt <0-65535> | lt <0-65535> | range <0-
65535> <0-65535>} {eq <0-65535> | gt
65535>}{tcp | udp}
name
eq
gt
lt
range
tcp or udp protocol
16-126 Configuring Security
XSR(config)#
show ip firewall user-services
0
9
-
_
‐
,
(dash), or
(underscore). Also, all firewall object names are case‐sensitive.
Note: The show ip firewall service command displays pre-defined services.
Name of the protocol, not to exceed 16 characters.
Port range equals number specified.
Port range is strictly greater than the number specified, and less than or
equal to 65535.
Port range is strictly less than the number specified.
Explicit port range with the start and end ranges specified: <0‐65535>
Transport protocol. The protocol value is case‐sensitive.
. Services can be directly cited in
<0-65535> | lt <0-65535> | range <0-65535> <0-
A
Z
‐
(upper or lower
Advertisement
Table of Contents
