From: Bob Sinclair (bsin@xxxxxxxxx)
Date: Tue Mar 19 2002 - 21:59:22 GMT-3
Manny,
I believe the correct IP-Mask combo for "all even addresses on the 10.20.30.0/
24" subnet would be:
10.20.30.0 0.0.0.254
That is, use zeros to lock in the test subnet. I figure you knew that, but jus
t wanted to throw out some red meat to stimulate discussion.
BTW, thanks for the post re ACL test!
-Bob
----- Original Message -----
From: "Manny Gonzalez" <gonzalu@nyp.org>
To: "Brian Lodwick" <xpranax@hotmail.com>
Cc: <ccielab@groupstudy.com>
Sent: Tuesday, March 19, 2002 7:19 PM
Subject: Re: ACL wildcard masks
> BTW, all odds would be
>
> access-list 101 permit ip 1.1.1.1 254.254.254.254 host 10.0.0.1
>
> Of course you know this means ANY source address is being tested because
> the test ip is got only one bit turned on (or all off for the quad zero
> test)
>
> If you want to lock it down further, lock in your test portion with
> |255|
>
> e.g.
>
> from all even hosts on 10.20.30.0/24
>
> acl 193 perm ip 10.20.30.0 255.255.255.254 host 10.0.0.1
>
> This will only allow those hosts with an even host address from the
> subnet 10.20.30.xxx
>
> And if I am incorrect, the correct answer will flow shortly.. :-))
>
> Good luck
>
>
> Brian Lodwick wrote:
> >
> > Does this ACL say permit all packets with an even source addresses to
> > destination 10.0.0.1?
> >
> > access-list 101 permit ip 0.0.0.0 255.255.255.254 host 10.0.0.1
> >
> > If yes, is there a better way to do it?
> >
> > >>>Brian
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:13 GMT-3