IP extended access list question

From: Ian Stong (istong@stong.org)
Date: Wed Apr 23 2003 - 16:40:39 GMT-3

• Next message: C.Sammarcellino@sirtisistemi.it: "DLSW+ Icanreach"
• Previous message: Jason Cash: "RE: Priviledge commands"
• Next in thread: Brian Dennis: "RE: IP extended access list question"
• Maybe reply: Brian Dennis: "RE: IP extended access list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

What, if any, is the difference between the following 2 acl's?

access-list 100 deny tcp any any eq 53

-versus-

access-list 100 deny tcp any eq 53 any eq 53

IMHO they both only allow access to destination port 53 but what about the
source port? Seems to me the first allows any source port whereas the
second allows only port 53 as the source port.

Thanks,

Ian

www.ccie4u.com
Rack Rentals and Lab Scenarios starting at $20

• Next message: C.Sammarcellino@sirtisistemi.it: "DLSW+ Icanreach"
• Previous message: Jason Cash: "RE: Priviledge commands"
• Next in thread: Brian Dennis: "RE: IP extended access list question"
• Maybe reply: Brian Dennis: "RE: IP extended access list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:36:03 GMT-3