From: James Kilby (jamkilby@xxxxxxxxx)
Date: Wed Feb 07 2001 - 08:38:37 GMT-3
Consider the following HYPERTHETICAL example on netbios filtering...
In the configs below, notice the promiscuous nature of CCIE2B.
He is advertising several services. His current peers, MYGIRLFIEND
and MYWIFE, have concurrent connection with him, but do not see
each other.
MYWIFE cannot see HARDWILLY attached to CCIE2B because of
UGLYBUTT, and can see PROBLEM.
MYGIRLFRIEND has CUTEASS, she sees HARDWILLY and can see
NOPROBLEM, she does not see SOFTWILLY, and cannot see PROBLEM.
Even if MYWIFE connects with CCIE2B and repeatedly continues with the
logging-off, she will never see HARDWILLY because of UGLYBUTT :-)
---------------------------------------------------------
hostname CCIE2B
!
dlsw local-peer peer-id 2.2.2.2 promiscuous
dlsw icanreach netbios-exclusive
dlsw icanreach netbios-name HARDWILLY
dlsw icanreach netbios-name SOFTWILLY
dlsw icanreach netbios-name PROBLEM
dlsw icanreach netbios-name NOPROBLEM
dlsw bridge-group 1
!
bridge 1 protocol ieee
----------------------------------------------------------
hostname MYWIFE_aka_R3
!
netbios access-list host UGLYBUTT permit SOFTWILLY
netbios access-list host UGLYBUTT permit PROBLEM
netbios access-list host UGLYBUTT deny *
enable password cisco
!
dlsw local-peer peer-id 3.3.3.3
dlsw remote-peer 0 tcp 2.2.2.2 host-netbios-out UGLYBUTT
dlsw bridge-group 1
!
bridge 1 protocol ieee
----------------------------------------------------------
hostname MYGIRLFRIEND_aka_R5
!
netbios access-list host CUTEASS permit HARDWILLY
netbios access-list host CUTEASS permit NOPROBLEM
netbios access-list host CUTEASS deny *
!
dlsw local-peer peer-id 5.5.5.5
dlsw remote-peer 0 tcp 2.2.2.2 host-netbios-out CUTEASS
dlsw bridge-group 1
!
bridge 1 protocol ieee
-----------------------------------------------------------
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:40 GMT-3