--- Begin Message ---
>
> Again, the cli seems to indicate support for all the things necessary,
> which
> includes the idea of 'established', which is why I ask if THIS platform does
> in
> fact do what the cli suggests:
>
No it doesn't
You need to understand what established does.
It matches TCP datagrams with ACK or RST set . That is it.
Here is a manual regarding setting up acls that may help you
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-create-ip-apply.html
Brian
--- End Message ---
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
