In a class configuration, you can enter match/ignore statements that more precisely define the TCP or UDP traffic to match in an IPv4 or IPv6 traffic class. For example, enter a port number as a match criterion that specifies one or more TCP source ports, destination ports, or both.
Syntax:
[no] [ seq—number
] [ match
| ignore
] tcp
| udp
source—address
[ operator tcp—src—port
| udp—src—port
] destination—address
[ operator tcp—dest—port
[established
] [tcp—flag
tcp—flag ...
] udp—dest—port
] [ ip—dscp
codepoint
] [ precedence
precedence—value
] [ tos
tos—value
]
[ vlan
vlan—id
]
If you use TCP or UDP as the IP protocol type in a match/ignore statement, you can optionally configure TCP or UDP source and destination port numbers or ranges of numbers to more precisely define match criteria for a traffic class. Enter the optional TCP/UDP match criteria immediately after the source and destination address in the command syntax; for example:
HP Switch(config-class)#: match tcp host 10.20.10.17 eq 23 host 10.20.10.155 established HP Switch(config-class)#: match tcp host 10.10.10.100 host 10.20.10.17 eq telnet HP Switch(config-class)#: ignore udp 10.30.10.1/24 host 10.20.10.17 range 161 162
TCP/UDP well-known source-port names and numbers
Enter a comparison operator with the source TCP or UDP port number used by the applications you want to match. Valid port numbers are from
0
to255
. You can also enter well-known TCP or UDP port names as an alternative to the corresponding port number; for example:To display a list of valid TCP/UDP source ports, enter ? after you enter an operator.
operator tcp-dest-port
established
[tcp-flag tcp-flag ...
] | udp-destport
To specify a TCP or UDP destination port number as a match criteria, enter acomparison operator with a TDP/UDP port number or well-known port name immediately after the destination-address value in the command.
NOTE: The optional
established
andvalues apply only to TCP destination-port criteria.
tcp-flag
TCP/UDP well-known destination-port names and numbers
The same operators, port numbers and well-known names are supported for TCP/UDP destination-port match criteria as for TCP/UDP source-port criteria. To display a list of valid TCP/UDP destination ports, enter ? after you enter an operator.