sctp
Syntax
sctp {
log (Security SCTP) name;
multichunk-inspection disable;
nullpdu {
protocol (ID-0x0000 | ID-0xFFFF);
}
profile (Security SCTP) name {
association-timeout association-timeout;
drop (Security SCTP) {
m3ua-service name;
payload-protocol name;
}
handshake-timeout handshake-timeout;
limit (Security SCTP) {
address name {
payload-protocol (asap | bicc | ddp-segment | ddp-stream | diameter-dtls | diameter-sctp | dua | enrp | h248 | h323 | id | iua | m2pa | m2ua | m3ua | others | qipc | reserved | s1ap | simco | sua | tali | v5ua | x2ap) {
rate rate;
}
}
payload-protocol (asap | bicc | ddp-segment | ddp-stream | diameter-dtls | diameter-sctp | dua | enrp | h248 | h323 | id | iua | m2pa | m2ua | m3ua | others | qipc | reserved | s1ap | simco | sua | tali | v5ua | x2ap) {
rate rate;
}
rate {
address name {
sccp sccp;
ssp ssp;
sst sst;
}
sccp sccp;
ssp ssp;
sst sst;
}
}
nat-only;
permit (Security SCTP) {
payload-protocol name;
}
}
traceoptions (Security SCTP) {
file <filename> <files files> <match match> <size size> <(world-readable | no-world-readable)>;
flag name;
no-remote-trace;
}
}
Hierarchy Level
[edit security]
Description
Use the Stream Control Transmission Protocol (SCTP) commands to configure SCTP objects, configure SCTP logs, set trace options, and set address rate limit.
From Junos OS Release 20.4R1 onwards, the [edit security gprs]
hierarchy level is replaced by [edit security gtp].
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release
10.2. Support for the nat-only option added in Junos OS
Release 12.1X45-D10. Support for the profile statement
added in Junos OS Release 12.1X46-D10.