Displaying Port Mapping - H3C SecPath F1800-A Operation Manual

Operation Manual - Security Defence
H3C SecPath F1800-A Firewall
Table 2-55 Configuring port mapping entries
Configure port identification.
Delete
identification.
Notes:
You cannot delete or modify system-defined port number. Instead, you can
redefine it with basic ACL-based host port identification mechanism. For
example, using the "port-mapping ftp port 80 acl 2010" command, you can
define the TCP packet from the specific host (based on ACL 2010) through port
80 as an FTP packet.
You can use the port-mapping command repeatedly to configure multiple
identification ports for a protocol.
A port can be configured with different protocols in different host ranges defined
by using the acl command. For instance, using the "port-mapping http port
4567 acl 2010" and "port-mapping ftp port 4567 acl 2020" commands, you can
define the packet from port 4567 of the host defined by ACL 2010 as an HTTP
packet and the packet from port 4567 of the host defined based on ACL 2020 as
an FTP packet.
You cannot configure well-known port identification and basic ACL-based host
port identification on a port at the same time.

2.8.3 Displaying Port Mapping

You can use the display command in any view to view the running state and verify the
configuration of port mapping.
Table 2-56 Displaying port mapping
View port identification.
Action
the user-defined port
Action
Command
port-mapping
port-number acl acl-number
undo port-mapping [ application-name port
port-number acl acl-number ]
Command
display port-mapping [ application-name | port
port-number ]
6-64
Chapter 2 Security Policy
application-name port