Cisco NX-OS Security Command Reference, Release 4.0
G Commands
Download this chapter
G CommandsG Commands
Download the complete book
Cisco NX-OS Security Command Reference, Release 4.0Cisco NX-OS Security Command Reference, Release 4.0 (PDF - 3 MB)
give_us_feedback

Table Of Contents

G Commands

gt


G Commands

This chapter describes the Cisco NX-OS security commands that begin with G.

gt

To specify a greater-than group member for an IP port object group, use the gt command. A greater-than group member matches port numbers that are greater than (and not equal to) the port number specified in the member. To remove a greater-than group member from the port-object group, use the no form of this command.

[sequence-number] gt port-number

no {sequence-number | gt port-number}

Syntax Description

sequence-number

(Optional) Sequence number for this group member. Sequence numbers maintain the order of group members within an object group. Valid sequence numbers are from 1 to 4294967295. If you do not specify a sequence number, the device assigns a number that is 10 greater than the largest sequence number in the current object group.

port-number

Port number that traffic matching this group member exceeds. The port-number argument can be a whole number between 0 and 65535.


Defaults

None

Command Modes

IP port object group configuration

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

4.0(1)

This command was introduced.


Usage Guidelines

IP port object groups are not directional. Whether a gt command matches a source or destination port or whether it applies to inbound or outbound traffic depends upon how you use the object group in an ACL.

This command does not require a license.

Examples

This example shows how to configure an IP port object group named port-group-05 with a group member that matches traffic sent to or from port 49152 through port 65535: 

switch# config t

switch(config)# object-group ip port port-group-05

switch(config-port-ogroup)# gt 49151

Related Commands

Command
Description

eq

Specifies an equal-to group member in an IP port object group.

lt

Specifies a less-than group member in an IP port object group.

neq

Specifies a not-equal-to group member in an IP port object group.

object-group ip port

Configures an IP port object group.

range

Specifies a port-range group member in an IP port object group.

show object-group

Displays object groups.