No, once the router finds a match, it quits examining the access-list and
either permits or denies the packet. Even if there are lines later in the
list that would also be a match the router stops with the first match it
finds.
>Hi, all.
>Just to verify my understanding of extended access-lists: this continues to
>parse the entries even
>after a match has already been found, so if the first few lines have a
>"permit" and later down the last few lines it encounters a "deny", what
>does
>the router do?
>Example:
>access-list 176 permit tcp 193.128.233.177 0.0.0.0 any eq smtp log
>access-list 176 permit tcp 203.23.83.180 0.0.0.0 any eq smtp log
>access-list 176 permit tcp 203.35.182.133 0.0.0.0 any eq smtp log
>.
>.
>.
>.
>access-list 176 deny ip 193.0.0.0 0.255.255.255 any log
>access-list 176 deny ip 203.0.0.0 0.255.255.255 any log
>
>Any help would be greatly appreciated.
>
>Elmer Deloso
>
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
