From: Jonathan V Hays (jhays@jtan.com)
Date: Sat Mar 22 2003 - 17:00:17 GMT-3
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of Fan Shan
> Sent: Saturday, March 22, 2003 12:29 PM
> To: ccielab@groupstudy.com
> Subject: Access-list question
>
>
> What is the difference between "permit tcp any eq smtp any"
> and "permit tcp any eq smtp any established"? Which one
> should be used to permit the smtp response?
>
permit tcp any eq smtp any

allows the source address on TCP port 25 to open a connection to any
destination address.

permit tcp any eq smtp any established

allows the source address on TCP port 25 to respond to an already open
connection (established) to any destination address.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r/iprprt1/1rdip.htm#1017448

established
(Optional) For the TCP protocol only: Indicates an established
connection. A match occurs if the TCP datagram has the ACK, FIN, PSH,
RST, SYN, or URG control bits set. The nonmatching case is that of the
initial TCP datagram to form a connection.
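
Added example, not part of the original message and not Cisco code: a small Python model of how the two access-list entries from the thread treat TCP segments arriving from source port 25. It assumes `established` matches when ACK or RST is set (the wording of later IOS documentation); the class names, sample segments and port numbers are constructed for illustration.

```python
# Added illustration: a minimal model of the two ACEs discussed in the thread.
# Assumption: `established` matches a segment with ACK or RST set, so the
# initial SYN of a new connection is the nonmatching case.
from dataclasses import dataclass

SMTP = 25

@dataclass(frozen=True)
class Segment:
    src_port: int
    dst_port: int
    flags: frozenset  # TCP control bits, e.g. frozenset({"SYN", "ACK"})

@dataclass(frozen=True)
class Ace:
    text: str
    src_port: int        # "any eq smtp": source port must equal this value
    established: bool    # True when the entry ends in "established"

    def matches(self, seg: Segment) -> bool:
        if seg.src_port != self.src_port:
            return False
        if self.established:
            return bool(seg.flags & {"ACK", "RST"})
        return True  # no flag test at all: a bare SYN is permitted too

ACE_PLAIN = Ace("permit tcp any eq smtp any", SMTP, False)
ACE_ESTAB = Ace("permit tcp any eq smtp any established", SMTP, True)

# Constructed sample segments, all sourced from TCP port 25.
SAMPLES = {
    "SYN+ACK reply from a mail server": Segment(SMTP, 40000, frozenset({"SYN", "ACK"})),
    "data from a mail server (PSH+ACK)": Segment(SMTP, 40000, frozenset({"PSH", "ACK"})),
    "reset from a mail server (RST)": Segment(SMTP, 40000, frozenset({"RST"})),
    "new connection (bare SYN) to port 23": Segment(SMTP, 23, frozenset({"SYN"})),
}

def evaluate(ace: Ace) -> dict:
    """Return {sample name: 'permit' or 'no match'} for one ACE."""
    return {name: "permit" if ace.matches(seg) else "no match"
            for name, seg in SAMPLES.items()}

if __name__ == "__main__":
    for ace in (ACE_PLAIN, ACE_ESTAB):
        print(ace.text)
        for name, verdict in evaluate(ace).items():
            print(f"  {verdict:8}  {name}")
```

The only row that differs between the two entries is the bare SYN: the entry without `established` permits it, so it passes new inbound connections from any host that picks 25 as its source port, not only replies.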