From: Chua, Parry (Parry.Chua@xxxxxxxxxx)
Date: Tue Apr 23 2002 - 22:38:11 GMT-3
One way to learn about ACL is to know how IOS construct the ACL, do some test b
y creating as many
acl as you like and then do a show access-list. You will see when you construct
acl wrong, IOS
will generate the acl on how it suppose to look like
For example :-
R4(config)#access-list 1 permit 192.168.255.255 0.0.255.255
R4(config)#access-list 2 permit 192.168.255.255 0.0.31.255
R4(config)#access-list 3 permit 192.168.255.255 0.0.31.254
R4#sho access-lists
Standard IP access list 1
permit 192.168.0.0, wildcard bits 0.0.255.255
Standard IP access list 2
permit 192.168.224.0, wildcard bits 0.0.31.255
Standard IP access list 3
permit 192.168.224.1, wildcard bits 0.0.31.254
Take a closer look on what you set in access-list and the resultant acl generat
ed by IOS, you will
begin to know more how acl work...
You will notice as long as a bit is set(1) in mask, the correspond bit in sourc
e address will be "0". What it mean is that as long as the mask is a "1", the c
orrespond address bit will be consider as "0" and then a "1".
> Parry Chua
>
>
----- Original Message -----
From: "Jeongwoo Park" <jpark@wams.com>
To: <ccielab@groupstudy.com>
Sent: Tuesday, April 23, 2002 7:02 PM
Subject: ACL blocking odd ip address
> Hi all,
> ACL is like the more I see it, the more I get confused.
> How would you set up standard ACL to block odd ip addresses in the subnet
> 192.168.1.0/24? And how about blocking even numbers?
>
> JP
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:18 GMT-3