IPX access-list

From: Kevin Young (kvyoung@xxxxxxxx)
Date: Tue May 16 2000 - 03:43:59 GMT-3

• Next message: Frank K. Lu: "Re: TR VLANs"
• Previous message: Kevin M. Woods: "Re: Private-Config @ NVRAM ???"
• Next in thread: Frank K. Lu: "Re: IPX access-list"
• Maybe reply: Frank K. Lu: "Re: IPX access-list"
• Maybe reply: Frank K. Lu: "Re: IPX access-list"
• Maybe reply: Earl Aboytes: "RE: IPX access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Hi, everyone, there is a ipx access-list question puzzled me:
caslow'book said, create a ipx dialer-list to block rip and sap traffic,
  access-list 901 deny -1 ffffffff 0 ffffffff rip
  access-list 901 deny -1 ffffffff 0 ffffffff sap
  dialer-list 1 protocol ipx permit list 901
'-1' means all protocol types, '0'means all sources sockets, 'rip' and 'sap' me
an destination sockets.
but also the book said: setting the protocol to '0' means an undefined protocol
,refer to the socket number to determine the packet type. so I think it should
be:
  access-list 901 deny 0 ffffffff 0 ffffffff rip
  access-list 901 deny 0 ffffffff 0 ffffffff sap
  access-list 901 permit -1 any 0 any 0
  dialer-list 1 protocol ipx permit list 901
What do you think? What's the difference?

• Next message: Frank K. Lu: "Re: TR VLANs"
• Previous message: Kevin M. Woods: "Re: Private-Config @ NVRAM ???"
• Next in thread: Frank K. Lu: "Re: IPX access-list"
• Maybe reply: Frank K. Lu: "Re: IPX access-list"
• Maybe reply: Frank K. Lu: "Re: IPX access-list"
• Maybe reply: Earl Aboytes: "RE: IPX access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:29 GMT-3