add Re: Basic Port blocking in IOS

Sat, 12 Jan 2002 06:31:03 -0800 

the answer is not completly right you have to add a line to permit the rest 
of the traffic becouse the acls have an implicit deny any
so add this line after this:


>router(config)# access-list 151 deny 0.0.0.0 255.255.255.255 10.10.0.2
>0.0.255.255 udp 139

---add this>  router(config)# access-list 151 permit ip any any

Marco Antonio


>From: "John Allhiser" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: Re: Basic Port blocking in IOS
>Date: Sat, 12 Jan 2002 07:24:44 -0600
>
>Use an extended access control list.  Extended ACls for IP are numbered 
>from
>100-199
>after you set the IP address you can specify a port and/or protocol.
>
>router(config)# access-list 151 deny 0.0.0.0 255.255.255.255 10.10.0.2
>0.0.255.255 udp 139
>
>router(config)# int x0
>router(config)# ip access-group 151 in
>
>See:
>http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_0/13_19/sw_cnfi
>g/access.htm#xtocid246915
>
>
>----- Original Message -----
>From: "Skeeve Stevens" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Saturday, January 12, 2002 2:23 AM
>Subject: Basic Port blocking in IOS
>
>
> >
> > Can someone assist me with the lines to block specific ports in IOS
> >
> > 12.1(5)YB2
> >
> > basically.. I want to be able to specify a port.. such as 139 and block
> > its tcp and udp traffic coming in via my main fibre link.
> >
> > I am assuming it is an access list and they are specified as deny, and
> > allow rest of the traffic..
> >
> >
> >
> > _______________________________________________________
> > Skeeve Stevens     Email: [EMAIL PROTECTED]
> > Website: www.skeeve.org  - Telephone: (0414) 753 383
> > Address: P.O Box 1035, Epping, NSW, 1710, Australia
> > _______________________________________________________
> > Avis est! Aeronavis est! supervir est!
> >
> >
> > _______________________________________________
> > Firewalls mailing list
> > [EMAIL PROTECTED]
> > http://lists.gnac.net/mailman/listinfo/firewalls
> >
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls




_________________________________________________________________
Hable con sus amigos en l�nea, pruebe MSN Messenger: http://messenger.msn.es

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to