You are assuming that I (and others in this discussion) do not know how to
figure out wild card masks, which is not the focus of the question. Please,
take a step back and really try to listen. I appreciate your opinion and I
am very grateful that you are taking the time help. But, you are not
Ted,
Did you ever get any feedback on this? I have never heard of the frp
keyword in an access-list command.
Josh
-Original Message-
From: Ted Marinich [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 07, 2002 5:47 PM
To: [EMAIL PROTECTED]
Subject: Re: Darth Reid R1 Access-list [7
Josh,
No I never have. frp is a typo - should be FTP.
access-list 101 deny tcp host 135.152.1.1 eq ftp any
access-list 101 deny tcp host 135.152.1.1 eq http any
access-list 101 deny tcp 131.24.194.0 0.1.1.255 eq ftp any
access-list 101 deny tcp 131.24.194.0 0.1.1.255 eq http any
access-list
Ted Marinich wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Josh,
No I never have. frp is a typo - should be FTP.
CL: I believe I gave a good pointer and a good start in my earlier reply.
access-list 101 deny tcp host 135.152.1.1 eq ftp any
access-list 101 deny tcp host
OK,
The question is deny FTP and HTTP for these addresses:
131.24.194.x, 131.25.194.x, 135.152.1.1, 131.24.195.x, 131.24.193.x
Use least amount of lines in your ACL.
To match EXACTLY what the question asks with the minimum ACL, I come up with
this:
access-list 101 deny tcp host 135.152.1.1 eq
write it out in binary and study it until you understand why it is or is not
correct.
what - you expect someone else to do the work for you? how are you going to
learn?
Ted Marinich wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Correct me if I'm wrong, but I can't see why this
Follup Question:
Barring intentional obfusication, why would anyone actually use that
wildcard mask in an access list instead of a longer more readable
alternative?
Jarett
The Long and Winding Road wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
write it out in binary and
J.D. Chaiken wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Follup Question:
Barring intentional obfusication, why would anyone actually use that
wildcard mask in an access list instead of a longer more readable
alternative?
CL: since the publication of RFC 1812, the so
Barring intentional obfusication, why would anyone actually use that
wildcard mask in an access list instead of a longer more readable
alternative?
CL: since the publication of RFC 1812, the so called whacky wildcard
masks
are not supported. In other words, for a router to be
Steve you BAD boy - where have you been? I still read your CCIE Lab prep
advice, and it is posted on my web site as well ( www.chuckslongroad.info )
for all the good it does me ;-
Steve Dispensa wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Barring intentional
The Long and Winding Road:
As you can see from my original post, the binary equivelents are represented
in decimal format one octet at a time. The question is - has anyone
approached this question froma a different angle to get a more realistic
answer.
The first octet should allow 131 and 135
Ted Marinich wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
The Long and Winding Road:
As you can see from my original post, the binary equivelents are
represented
in decimal format one octet at a time. The question is - has anyone
approached this question froma a different
Actually he *did* answer it. Write it out in binary, it should be crystal
clear.
- Original Message -
From: Ted Marinich
To:
Sent: Friday, December 06, 2002 7:00 PM
Subject: Re: Darth Reid R1 Access-list [7:58644]
The Long and Winding Road:
As you can see from my original post
13 matches
Mail list logo
