Specifying Port Traffic Type of Greater Than 0 Not Accepted (Doc ID 757355.1)

Last updated on AUGUST 13, 2013

Applies to:

Oracle Communications IP Service Activator - Version: 5.2.1 to 5.2.3
This problem can occur on any platform.


Configuring Port Traffic types to Match ports greater than 0 does not take affect when created
via GUI and via OIM.

The following ACL is defined in the network:
ip access-list extended inbound-acl
permit tcp any eq 4949 host gt 1023 established
permit tcp any eq 5000 host gt 1023 established
deny tcp any any gt 0 log
deny udp any any gt 0 log
deny ip any any

ip access-list extended inbound-acl
deny tcp any any gt 0 log
deny udp any any gt 0 log
deny ip any any

ip access-list extended inbound-acl
permit icmp any any
deny tcp any any gt 0 log
deny udp any any gt 0 log
deny ip any any

To create "deny tcp any any gt 0 log" Port Traffic needs to be defined to match TCP And Destination Greater Than 0.

In the UI this can be configured. As soon as the transaction is committed the port traffic is cleared to default values.

-- Steps To Reproduce:
Create the following traffic type

Providing OIM commands:
create /Policy:"Policy"/Domain:"MyDomain"/TrafficGroup:"TrafficGroup"/TrafficPort:"TCP:dGtPort0"
IpProtocol=6 DestPortMin=0 DestPortMax=0

create /Policy:"Policy"/Domain:"MyDomain"/TrafficGroup:"TrafficGroup"/TrafficPort:"UDP:dGtPort0"
IpProtocol=17 DestPortMin=0 DestPortMax=0

-- Business Impact:
The explicit deny statement used for debugging at the end of ACL are removed and replaced with the

deny tcp any any log


deny tcp any any gt 0 log


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms