the algorithm is designed to exit the moment it finds a match. so, as
soon as there is a match, the remaining lines of the access-list are
never looked at.
> "Deloso, Elmer G." wrote:
>
> Hi, all.
> Just to verify my understanding of extended access-lists: this
> continues to parse the entries even
> after a match has already been found, so if the first few lines have a
> "permit" and later down the last few lines it encounters a "deny",
> what does the router do?
>
> Example:
> access-list 176 permit tcp 193.128.233.177 0.0.0.0 any eq smtp log
> access-list 176 permit tcp 203.23.83.180 0.0.0.0 any eq smtp log
> access-list 176 permit tcp 203.35.182.133 0.0.0.0 any eq smtp log
> .
> .
> .
> .
> access-list 176 deny ip 193.0.0.0 0.255.255.255 any log
> access-list 176 deny ip 203.0.0.0 0.255.255.255 any log
>
> Any help would be greatly appreciated.
>
> Elmer Deloso
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]