Manual Chapter: Managing Port Lists

Applies To:

BIG-IQ Centralized Management

  • 5.4.0

About port lists

Port lists are collections of ports, port ranges, or port lists that can be assigned to firewall rules.

Firewall rules use port lists to allow or deny access to specific ports in IP packets. They compare a packet's source port and/or destination port with the ports in a port list. If there is a match, the rule takes an action, such as accepting or dropping the packet. Port lists must contain at least one entry. You cannot create an empty port list; you cannot remove an entry in a port list if it is the only one.

Note: Before nesting a port list inside a port list, check to be sure this option is supported on the BIG-IP® device where you intend to deploy the port list.
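The matching and nesting behavior described above can be modeled locally to see which ports a nested list really covers before it is assigned to a rule. This is an added example, not BIG-IQ code or an F5 API; the class, function, and list names are hypothetical, and rejecting nesting loops is this model's own choice.

```python
from dataclasses import dataclass


@dataclass
class PortList:
    name: str
    entries: list  # each entry: int port, (start, end) range, or nested PortList

    def __post_init__(self):
        if not self.entries:
            raise ValueError(f"{self.name}: a port list must contain at least one entry")

    def remove(self, entry):
        if len(self.entries) == 1:
            raise ValueError(f"{self.name}: cannot remove the only entry")
        self.entries.remove(entry)


def expand(plist, _path=()):
    """Return sorted, merged (start, end) ranges covered by plist, following nesting."""
    if plist.name in _path:
        raise ValueError("nesting loop: " + " > ".join(_path + (plist.name,)))
    ranges = []
    for entry in plist.entries:
        if isinstance(entry, PortList):
            ranges += expand(entry, _path + (plist.name,))
            continue
        start, end = (entry, entry) if isinstance(entry, int) else entry
        if not 0 <= start <= end <= 65535:  # 16-bit TCP/UDP port space
            raise ValueError(f"{plist.name}: bad port entry {entry!r}")
        ranges.append((start, end))
    merged = []
    for start, end in sorted(ranges):
        if merged and start <= merged[-1][1] + 1:  # overlapping or adjacent
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged


def matches(plist, port):
    """True when a packet's source or destination port falls inside the list."""
    return any(start <= port <= end for start, end in expand(plist))


# Constructed sample lists (names are hypothetical).
web = PortList("web-ports", [80, 443, (8080, 8090)])
admin = PortList("admin-ports", [22, (8085, 8100), web])
```

Calling `expand(admin)` shows the effective coverage once the nested list is folded in, which is the view to review before a rule that uses the outer list is deployed.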

Create port lists

You create port lists so that you can use them when creating firewall rules.
  1. Click Configuration > SECURITY > Network Security > Port Lists.
  2. Click Create.
    The New Port List screen opens.
  3. On the left, click Properties and specify the settings for the port list.
    1. In the Name setting, type a unique name for the port list.
    2. In the Description setting, type an optional description for the port list.
    3. In the Partition setting, type a different partition if needed. The Common partition is the default.
  4. On the left, click Ports.
    You must supply at least one entry in the port list, such as a port, port list, or port range.
    The screen displays a blank port entry template for you to complete.
  5. In the Type column, supply the type of port entry to add to the port list.
    • To add a single port, select Port.
    • To add a port list, select Port List.
    • To add a range of ports, select Port Range.
    Note: Before nesting a port list inside a port list, check that this option is supported on the specific version of your BIG-IP® device.
  6. In the Ports column, supply the port details for the port type you selected.
    • If you selected Port as the type, type a port number.
    • If you selected Port List as the type, select the name of the port list.
    • If you selected Port Range as the type, type the beginning and ending port numbers.
  7. In the Description column, provide an optional meaningful description of the port entry.
  8. To add more than one port entry to the port list, click the + in the Add/Remove column, and provide the details.
    Click Update to update and save the port entry you are currently editing.
  9. Continue to add or delete ports until the port list is complete.
  10. Click Save to save your work on the port list.

Edit port lists

You edit port lists to change the properties of the port list, or to add, modify, or remove port entries from the port list, or both.
  1. Click Configuration > SECURITY > Network Security > Port Lists.
  2. Click the name of the port list to edit.
  3. If you are modifying the port list description, click Properties, and type or modify the Description setting.
    Only the description property can be modified.
  4. If you are modifying the port entries, on the left, click Ports.
  5. Add, modify, or delete port entries in the port list.
    • To modify a port entry, click the pencil icon in that row.
    • To delete a port entry, click X in the Add/Remove column.
    • To add a port entry, click + in the Add/Remove column.
    A port list must contain at least one port entry.
  6. If you are adding or modifying a port entry, supply or modify the settings.
  7. In the Type column, supply the type of port entry to add to the port list.
    • To add a single port, select Port.
    • To add a port list, select Port List.
    • To add a range of ports, select Port Range.
    Note: Before nesting a port list inside a port list, check that this option is supported on the specific version of your BIG-IP® device.
  8. In the Ports column, supply the port details for the port type you selected.
    • If you selected Port as the type, type a port number.
    • If you selected Port List as the type, select the name of the port list.
    • If you selected Port Range as the type, type the beginning and ending port numbers.
  9. In the Description column, provide an optional meaningful description of the port entry.
  10. Continue to add, modify, or delete port entries in the port list until the port list is complete.
  11. Save your work.

Clone port lists

You can clone a port list to create a copy of it, which you can then edit.
  1. Click Configuration > SECURITY > Network Security > Port Lists.
    The Port Lists screen opens.
  2. Click the check box next to the port list you want to clone.
  3. Click Clone.
    A copy of that port list is created with the same name, but with -CLONE appended to the name and a blank Description field.
  4. Change the port list as needed.
  5. Save your work.
The new port list is defined and you can now assign it to a firewall rule.

Deploy port lists

For a quicker deployment, you can deploy only the port list portion of a configuration (a partial deployment) instead of deploying the entire configuration.
  1. Click Configuration > SECURITY > Network Security > Port Lists.
    The Port Lists screen opens.
  2. Click the check box next to the port list you want included in the partial deployment.
  3. Click Deploy.
The system displays the selected port list, with options for partial deployment selected.
Continue the partial deployment process.

Delete port lists

You can delete port lists that you no longer use to avoid confusion in the user interface.
  1. Click Configuration > SECURITY > Network Security > Port Lists.
    The Port Lists screen opens.
  2. Click the check box next to the port list to delete.
  3. Click Delete.
  4. In the confirmation dialog box that opens, click Delete to confirm the removal.