I have 10 bucks says it can't be done with a single line. I'm willing to
consider betting that it can't be done with fewer than 20 lines. Prime
numbers have no rhyme or reason to them. they are not predictable or
regular - something an access list covering multiple situations requires.
the fact that an even number - 2 - is also a prime makes it impossible for
there to be a single line access list, which makes my first bet a suckers
bet. try to cover 3,11, and 23 in a single line without also covering
5,7,13,17, and 19, for example.
chuck
who once upon a time liked to play with numbers just for the hell of it.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ole Drews Jensen
Sent: Monday, July 30, 2001 9:32 AM
To: [EMAIL PROTECTED]
Subject: RE: access list w/ prime numers [7:14117]
You could start with:
access-list 1 deny host 192.168.1.2
access-list 1 deny host 192.168.1.3
access-list 1 deny host 192.168.1.5
access-list 1 deny host 192.168.1.7
access-list 1 deny host 192.168.1.11
access-list 1 deny host 192.168.1.13
access-list 1 deny host 192.168.1.17
....
access-list 1 deny host 192.168.1.251
access-list 1 permit 192.168.1.0 0.0.0.255
and then write everything down on a paper in binary form and see if you can
"summarize" some of the hosts into one wildcard mask.
This is a good idea if you're trying to practise the calculation of wildcard
masks. However, if you're trying to implement this in a live environment,
you should seek help now!
Hth,
Ole
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ole Drews Jensen
Systems Network Manager
CCNA, MCSE, MCP+I
RWR Enterprises, Inc.
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.RouterChief.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NEED A JOB ???
http://www.oledrews.com/job
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----Original Message-----
From: Wojtek Zlobicki [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 30, 2001 10:54 AM
To: [EMAIL PROTECTED]
Subject: Re: access list w/ prime numers [7:14117]
> Hola All!
>
> I want to set up an access list that do the following:
> deny all packets from subnet 192.168.1.0 with last octect a prime numer.
I dont think you realize the complexity of what you are asking for. This is
a very complex rule (I sure would not my router making such decisions, they
would be very time consuming). If I am wrong and this is a true rule, I
shall pay homage to the router gods..
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14249&t=14117
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
