HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual page 336

Setting Up Quality of Service
Configuring CBWFQ
7-24
You can also select certain types of traffic (for example, HTTP or Telnet) by
specifying a protocol such as TCP or UDP and then indicating the source or
destination port after the address:
Syntax: [deny | permit] <protocol> [any | host <A.B.C.D> | <A.B.C.D> <wildcard bits>]
[any | eq <port> | gt <port> | lt <port> | range <first port> <last port> | neq <port> | host
<port>] [any | host <A.B.C.D> | <A.B.C.D> <wildcard bits>] [any | eq <port> | gt <port>
| lt <port> | range <first port> <last port> | neq <port> | host <port>]
For example:
ProCurve(config-ext-nacl)# permit tcp host 192.168.4.1 eq telnet any
The eq keyword selects a single port and the range keyword allows you to
enter a range of ports. You can specify the port by number, or for well-known
protocols, by keyword. Use the ? help command to get a complete list of
keywords. For example:
ProCurve(config-ext-nacl)# permit tcp any ?
Network 1
192.168.1.0/24
Router A
Figure 7-4. Classifying Network Traffic
In Figure 7-4, Network 1 at site A transmits mission-critical data to network 4
at site B. Host 26 on network 4 is a local DHCP server; it does not need to
receive this critical data. To select the traffic for the class, you would enter:
ProCurve(config)# ip access-list extended ClassSelector
ProCurve(config-ext-nacl)# deny ip any host 192.168.4.26
ProCurve(config-ext-nacl)# permit ip 192.168.1.0 0.0.0.255 192.168.4.0 0.0.0.255
You could configure another ACL that will be used to define a class for Web
traffic:
ProCurve(config)# ip access-list extended WebTraffic
ProCurve(config-ext-nacl)# permit tcp any any eq www
Router B
Internet
Network 4
192.168.4.0/24
Server
.26