Actually my question was not clear, I think.  My confusion is with the IP
vs. TCP.  In other words should it not be something like:

deny ip any any eq 139
permit ip any any

Why deny TCP and permit IP as opposed to deny IP and permit IP?

Also, the purpose of these is that I am trying to block some suspicious
activity on those ports (I think someone may be running an illegal IRC
server on that port).

Thanx for the reply (and the kid gloves). :-)
Anil Gupte

----- Original Message -----
From: "Scott Nawalaniec" 
To: "'Anil Gupte'" ; 
Sent: Thursday, February 21, 2002 10:17 PM
Subject: RE: Access Lists are a bit mystifying [7:36164]


> Hi Anil,
>
> Sometimes it's scary posting to this group. =)
>
> To answer your question,
> if you don't have the permit IP any any command, there is an implicit deny
> rule at the end of an access-list, which will drop all traffic that you have
> not allowed through the access-list.
>
> The other two deny statements are dropping netbios port 139 and something
> that uses port 6666.
>
> Hope this helps.
>
> Scott
>
> -----Original Message-----
> From: Anil Gupte [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 21, 2002 7:59 PM
> To: [EMAIL PROTECTED]
> Subject: Access Lists are a bit mystifying [7:36164]
>
>
> Hi All!
>
> I watch this list occasionally (when I have time).  This is my first post
> to this list, so be kind. :p)
>
> In the access list below:
> **************
> conf t
> int ethernet0/0
> no ip access-list extended secure2
> ip access-list extended secure2
> deny tcp any any eq 6666
> deny tcp any any eq 139
> permit ip any any
>
> int ethernet0/0
> ip access-group secure2 out
> ip access-group secure2 in
>
> exit
> wr
> **************
> Why is it that you need to deny TCP and permit IP?  Or did I not do this
> right?
>
> Thanx,
> Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36168&t=36164
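
The behaviour discussed in this thread, as an added example that is not part of either poster's message: a simplified Python model (not IOS's own parser) of the quoted secure2 list, showing first-match evaluation, the implicit deny, and why a port match only makes sense on a tcp or udp entry. The names parse_ace, evaluate and SECURE2 are hypothetical, and only the "any any [eq port]" form is handled.

```python
# Simplified model of a Cisco IOS extended ACL (added example, not IOS itself).
# Handles only: <permit|deny> <ip|tcp|udp|icmp> any any [eq <port>]
PORT_PROTOCOLS = {"tcp", "udp"}              # only these headers carry ports
KNOWN_PROTOCOLS = PORT_PROTOCOLS | {"ip", "icmp"}

def parse_ace(line):
    """Parse one ACL entry into (action, protocol, dst_port or None)."""
    tok = line.split()
    if len(tok) < 4 or tok[0] not in ("permit", "deny") or tok[2:4] != ["any", "any"]:
        raise ValueError(f"unsupported entry: {line!r}")
    action, proto, rest = tok[0], tok[1], tok[4:]
    if proto not in KNOWN_PROTOCOLS:
        raise ValueError(f"unknown protocol: {proto!r}")
    port = None
    if rest:
        if len(rest) != 2 or rest[0] != "eq" or not rest[1].isdigit():
            raise ValueError(f"unsupported match: {line!r}")
        if proto not in PORT_PROTOCOLS:
            # 'ip' matches at layer 3, where there is no port field to compare
            raise ValueError(f"'eq' needs tcp or udp, not {proto!r}: {line!r}")
        port = int(rest[1])                  # 'eq' after the destination = dst port
    return action, proto, port

def evaluate(acl, proto, dst_port=None):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, ace_proto, ace_port in acl:
        proto_ok = ace_proto == "ip" or ace_proto == proto   # 'ip' = any IP protocol
        port_ok = ace_port is None or ace_port == dst_port
        if proto_ok and port_ok:
            return action
    return "deny"                            # implicit 'deny ip any any'

# The three entries of the secure2 list quoted in the thread.
SECURE2 = [parse_ace(line) for line in (
    "deny tcp any any eq 6666",
    "deny tcp any any eq 139",
    "permit ip any any",
)]
```

In this model, UDP traffic to port 139 and traffic with a source port of 6666 both fall through to the final permit, since the two deny entries match only TCP destination ports.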