Welll.....would using a modified version of TACACS+ script count & forcing
all connections to be authenticated? ;)
TACACS+ could probably do the prime # blocking...hehe.
Just stirring up trouble on the thread ;)
Maybe those 2 cents will all hit in one big $10 now..haha.
----- Original Message -----
From: "Chuck Larrieu"
To:
Sent: Monday, July 30, 2001 3:20 PM
Subject: RE: access list w/ prime numbers [7:14117]
> I have 10 bucks says it can't be done with a single line. I'm willing to
> consider betting that it can't be done with fewer than 20 lines. Prime
> numbers have no rhyme or reason to them. they are not predictable or
> regular - something an access list covering multiple situations requires.
> the fact that an even number - 2 - is also a prime makes it impossible for
> there to be a single line access list, which makes my first bet a suckers
> bet. try to cover 3,11, and 23 in a single line without also covering
> 5,7,13,17, and 19, for example.
>
> chuck
> who once upon a time liked to play with numbers just for the hell of it.
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Ole Drews Jensen
> Sent: Monday, July 30, 2001 9:32 AM
> To: [EMAIL PROTECTED]
> Subject: RE: access list w/ prime numers [7:14117]
>
>
> You could start with:
>
> access-list 1 deny host 192.168.1.2
> access-list 1 deny host 192.168.1.3
> access-list 1 deny host 192.168.1.5
> access-list 1 deny host 192.168.1.7
> access-list 1 deny host 192.168.1.11
> access-list 1 deny host 192.168.1.13
> access-list 1 deny host 192.168.1.17
> ....
> access-list 1 deny host 192.168.1.251
> access-list 1 permit 192.168.1.0 0.0.0.255
>
> and then write everything down on a paper in binary form and see if you
can
> "summarize" some of the hosts into one wildcard mask.
>
> This is a good idea if you're trying to practise the calculation of
wildcard
> masks. However, if you're trying to implement this in a live environment,
> you should seek help now!
>
> Hth,
>
> Ole
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Ole Drews Jensen
> Systems Network Manager
> CCNA, MCSE, MCP+I
> RWR Enterprises, Inc.
> [EMAIL PROTECTED]
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> http://www.RouterChief.com
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> NEED A JOB ???
> http://www.oledrews.com/job
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
> -----Original Message-----
> From: Wojtek Zlobicki [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 30, 2001 10:54 AM
> To: [EMAIL PROTECTED]
> Subject: Re: access list w/ prime numers [7:14117]
>
>
> > Hola All!
> >
> > I want to set up an access list that do the following:
> > deny all packets from subnet 192.168.1.0 with last octect a prime numer.
>
> I dont think you realize the complexity of what you are asking for. This
is
> a very complex rule (I sure would not my router making such decisions,
they
> would be very time consuming). If I am wrong and this is a true rule, I
> shall pay homage to the router gods..
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14259&t=14117
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
