The "Any" Parameter And Wild Cards - HP procurve 8100fl series Management And Configuration Manual

N o t e
Option (Destination) Description
eq
gt
host
lt
range
5. (Optional) Refine the ACL by specifying conditions for the traffic from the
following list of options:
Condition
dscp
eq
fragments
gt
lt
range
There are three types of packets: Whole unfragmented packets (W); Initial
Fragments (IF); and Non-initial Fragments (NIF). If you do not specify
fragments in the ACL rule, the ACL matches W and IF, but not NIF packets.
If you do specify fragments in the ACL rule, the ACL matches only NIF
packets.

The "Any" Parameter and Wild Cards

When defining an ACL it may be desirable to skip a match criteria field. For
example, an ACL is defined where the source address is immaterial, but the
destination address is required. Since each match criteria field is position-
sensitive, you can use the keyword any to skip a field – in this case, the source
address. In effect, any says "accept any value for this match criteria."
For example, the following ACL denies IP traffic between any source and
destination address and illustrates both the use of the any parameter and the
use of wild carding:
ProCurve(config)#access-list NoTelnet deny ip any any
Match only packets on a given port number (equal to)
Match only packets with a port number greater than
A single destination host
Match only packets with a port number less than
Match only packets in the port number range
Description
Match packets with given DSCP value
Match only packets on a given port number
Check non-initial fragments
Match only packets with a port number greater than
Match only packets with a port number less than
Match only packets in the port number range
Access Control Lists (ACLs)
Layer 3 Access Control List (ACLs)
15-5