8-19
Classifier-Based Software Configuration
Traffic Classes
•
neq < tcp/udp-port-number> — “Not Equal” matches any packet 
with a TCP or UDP source port number that is not equal to 
< tcp/udp-port-number >.
• range < start-port-number > < end-port-number > — Matches any 
packet with a TCP or UDP source port number in the range 
<start-port-number > to < end-port-number >.
TCP/UDP Well-Known Source-Port Names and Numbers 
— Enter a comparison operator with the source TCP or UDP 
port number used by the applications you want to match. Valid 
port numbers are from 0 to 255.
You can also enter well-known TCP or UDP port names as an 
alternative to the corresponding port number; for example:
• TCP: bgp, dns, ftp, http, imap4, ldap, nntp, pop2, pop3, smtp, ssl, 
telnet
• UDP: bootpc, bootps, dns, ntp, radius, radius-old, rip, snmp, snmp-
trap, tftp
To display a list of valid TCP/UDP source ports, type 
?  after you 
enter an operator. 
[operator < tcp-dest-port [established] [tcp-flag [tcp-flag ...] ] | udp-dest-
port >]
To specify a TCP or UDP destination
 port number as a match 
criteria, enter a comparison operator with a TDP/UDP port 
number or well-known port name immediately after the desti-
nation-address value in the command.
Note: The optional established and < tcp-flag > values apply only 
to TCP destination-port criteria.
TCP/UDP Well-Known Destination-Port Names and Num-
bers — The same operators, port numbers and well-known 
names are supported for TCP/UDP destination-port match 
criteria as for TCP/UDP source-port criteria. To display a list 
of valid TCP/UDP destination ports, type 
?  after you enter an 
operator.
[ established ]
(Optional) Applies only to TCP destination-port match criteria 
and matches only on the TCP Acknowledge (ACK) or Reset 
(RST) flags. 
The established keyword ignores the synchronizing packet asso-
ciated with the establishment of a TCP connection in one 
direction on a port or VLAN, and matches all other IP traffic in 
the opposite direction.