You could start with:
access-list 1 deny host 192.168.1.2
access-list 1 deny host 192.168.1.3
access-list 1 deny host 192.168.1.5
access-list 1 deny host 192.168.1.7
access-list 1 deny host 192.168.1.11
access-list 1 deny host 192.168.1.13
access-list 1 deny host 192.168.1.17
....
access-list 1 deny host 192.168.1.251
access-list 1 permit 192.168.1.0 0.0.0.255
and then write everything down on a paper in binary form and see if you can
"summarize" some of the hosts into one wildcard mask.
This is a good idea if you're trying to practise the calculation of wildcard
masks. However, if you're trying to implement this in a live environment,
you should seek help now!
Hth,
Ole
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ole Drews Jensen
Systems Network Manager
CCNA, MCSE, MCP+I
RWR Enterprises, Inc.
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.RouterChief.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NEED A JOB ???
http://www.oledrews.com/job
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----Original Message-----
From: Wojtek Zlobicki [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 30, 2001 10:54 AM
To: [EMAIL PROTECTED]
Subject: Re: access list w/ prime numers [7:14117]
> Hola All!
>
> I want to set up an access list that do the following:
> deny all packets from subnet 192.168.1.0 with last octect a prime numer.
I dont think you realize the complexity of what you are asking for. This is
a very complex rule (I sure would not my router making such decisions, they
would be very time consuming). If I am wrong and this is a true rule, I
shall pay homage to the router gods..
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14202&t=14117
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]