14 match srcl4port – Fortinet MR1 User Manual

264

<ipaddr> specifies an IP address.

<ipmask> specifies an IP address bit mask; note that although it resembles a standard
subnet mask, this bit mask need not be contiguous.

Default

None

Command Mode

Class-Map Config

5.12.2.14 match srcl4port

This command adds to the specified class definition a match condition based on the source
layer 4 port of a packet using a single keyword or numeric notation or a numeric range
notation.

Syntax

match srcl4port {<portkey> | <0-65535>}

<portkey> is one of the supported port name keywords (listed below).
The currently supported <portkey> values are: domain, echo, ftp, ftpdata, http, smtp, snmp,
telnet, tftp, www. Each of these translates into its equivalent port number, which is used as
both the start and end of a port range.

To specify the match condition as a numeric value, one layer 4 port number is required. The
port number is an integer from 0 to 65535.

To specify the match condition as a range, two layer 4 port numbers are required and
together they specify a contiguous port range. Each port number is an integer from 0 to
65535, but with the added requirement that the second number be equal to or greater than
the first.


Default

None

Command Mode

Class-Map Config