Chapter 4
Configuring TCP/IP Normalization and IP Reassembly Parameters
Defining a TCP or UDP Port Number or Port Range Match Criteria
OL-16202-01
You can specify a TCP or UDP port number or port range as the Layer 4 network
traffic match criteria by using the match port command in class-map
configuration mode. The syntax of this command is as follows:
[line_number] match port {tcp | udp {eq port1 | range port2 port3}}
The keywords, arguments, and options are as follows:
• line_number—(Optional) Argument that assists you in editing or deleting
  individual match commands. For example, you can enter no line_number to
  delete long match commands instead of entering the entire line.
• tcp—Specifies TCP.
• udp—Specifies UDP.
• eq port1—Specifies that the TCP or UDP port number of the network traffic
  must match the specified value. Enter an integer from 0 to 65535. A value of
  0 instructs the ACE to match any port. Alternatively, you can enter a protocol
  keyword that corresponds to a TCP or UDP port number. See Table 4-4 for a
  list of supported well-known TCP port names and numbers. See Table 4-5 for
  a list of supported well-known UDP port names and numbers.

Table 4-4    Well-Known TCP Port Numbers and Keywords

Keyword     Port Number   Description
domain      53            Domain Name System
ftp         21            File Transfer Protocol
ftp-data    20            File Transfer Protocol Data
h323        1720          H.323 Call Signaling Protocol
http        80            Hypertext Transfer Protocol
https       443           HTTP over TLS/SSL
irc         194           Internet Relay Chat
matip-a     350           Mapping of Airline Traffic over Internet Protocol (MATIP) Type A
nntp        119           Network News Transport Protocol
pop2        109           Post Office Protocol v2

Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring a Traffic Policy for TCP/IP Normalization and Termination
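An added example, not taken from the Cisco guide: a Python audit helper that parses match port lines using the syntax shown above, resolves TCP keywords from the Table 4-4 rows on this page, and flags eq 0 because it matches any port. The function names and sample lines are constructed for illustration, and applying the 0 to 65535 bound and low-to-high ordering to range is an assumption.

```python
import re

# Keywords from Table 4-4 as listed on this page (TCP only; Table 4-5 is not shown here).
TCP_KEYWORDS = {"domain": 53, "ftp": 21, "ftp-data": 20, "h323": 1720, "http": 80,
                "https": 443, "irc": 194, "matip-a": 350, "nntp": 119, "pop2": 109}

# [line_number] match port {tcp | udp {eq port1 | range port2 port3}}
LINE_RE = re.compile(
    r"^\s*(?:(?P<num>\d+)\s+)?match\s+port\s+(?P<proto>tcp|udp)\s+"
    r"(?:eq\s+(?P<eq>\S+)|range\s+(?P<lo>\d+)\s+(?P<hi>\d+))\s*$")


def audit_match_port(line):
    """Return (proto, low, high, findings) for one match port line."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"not a match port command: {line!r}")
    proto, token, findings = m["proto"], m["eq"], []
    if token is None:
        low, high = int(m["lo"]), int(m["hi"])
    elif token.isdigit():
        low = high = int(token)
    elif proto == "tcp" and token in TCP_KEYWORDS:
        low = high = TCP_KEYWORDS[token]
    else:
        # UDP keywords live in Table 4-5, which this page does not reproduce.
        raise ValueError(f"keyword {token!r} not resolvable for {proto}")
    # Assumption: range uses the same 0-65535 bound as eq, with port2 <= port3.
    if not 0 <= low <= high <= 65535:
        raise ValueError(f"port out of bounds or reversed range: {line!r}")
    if token is not None and low == 0:
        # Per the guide, eq 0 tells the ACE to match any port.
        high = 65535
        findings.append("eq 0 matches any port; confirm this breadth is intended")
    return proto, low, high, findings


# Constructed sample class-map lines, not from a real configuration.
SAMPLE = """\
2 match port tcp eq https
3 match port tcp eq 0
match port udp range 5060 5061
"""


def audit_config(text):
    """Audit every non-blank line of a constructed config snippet."""
    return [audit_match_port(l) for l in text.splitlines() if l.strip()]
```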