From: Jonathan V Hays (jhays@jtan.com)
Date: Wed May 28 2003 - 11:20:44 GMT-3
No, 0x0d0d does *not* cover LSAP 0B. See my previous post.
-Jonathan
> -----Original Message-----
> From: phase90 [mailto:phase90@comcast.net]
> Sent: Tuesday, May 27, 2003 9:46 PM
> To: Hunt Lee; 'Jonathan V Hays'; ccielab@groupstudy.com; 'Joe Chang'
> Cc: 'FATHALLAH'
> Subject: Re: Filtering SNA
>
>
> There once was a doc on cisco.com where the mask is 0x0d0d.
> This covers SAPs
> 04 08 and 0B
>
> but you need the 1 bit for command or response - hence the 0dx.
>
>
> Jerry
> ----- Original Message -----
> From: Hunt Lee <huntl@webcentral.com.au>
> To: 'Jonathan V Hays' <jhays@jtan.com>; <ccielab@groupstudy.com>; 'Joe
> Chang' <changjoe@earthlink.net>
> Cc: 'FATHALLAH' <sfathallah@mail.cbi.net.ma>
> Sent: Tuesday, May 27, 2003 8:16 PM
> Subject: RE: Filtering SNA
>
>
> > Hi guys,
> >
> > I wrote out the whole thing... So is it the case where as
> soon as there
> is
> > a 1, I put a 1 in the bottom? If so, for LSAP type codes
> 00, 04, 08, 0C
> >
> > 4 0100 <--- no zeros on last 2 digits
> > 5 0101
> > 6 0110
> > 7 0111
> > 8 1000 <--- no zeros on last 2 digits
> > 9 1001
> > 10 1010 A
> > 11 1011 B
> > 12 1100 C <--- no zeros on last 2 digits
> > 13 1101 D
> > 14 1110 E
> > 15 1111 F
> >
> > -----------
> > 1100
> >
> > So would the answer be:
> >
> > access-list 200 permit 0x0000 0x0C00 (but NOT 0x0000 0x0c0c)
> >
> >
> >
> > And another eg. if we want to allow only 04 & 06...
> >
> > 4 0100
> > 5 0101
> > 6 0110
> > 7 0111
> > 8 1000
> > 9 1001
> > 10 1010 A
> > 11 1011 B
> > 12 1100 C
> > 13 1101 D
> > 14 1110 E
> > 15 1111 F
> >
> > -----------
> > 0110
> >
> >
> > So would the answer be:
> >
> > access-list 200 permit 0x0000 0x010A
> >
> >
> > My I correct?
> >
> > Regards,
> > H.
> >
> >
> >
> > -----Original Message-----
> > From: Jonathan V Hays [mailto:jhays@jtan.com]
> > Sent: Wednesday, 28 May 2003 3:48 AM
> > To: ccielab@groupstudy.com
> > Cc: 'FATHALLAH'; 'lg01'
> > Subject: RE: Filtering SNA
> >
> >
> > Hexadecimal 'B' is *not* a multiple of 4, but 'C' is.
> >
> > 8 1000
> > 9 1001
> > 10 1010 A
> > 11 1011 B
> > 12 1100 C <-
> > 13 1101 D
> > 14 1110 E
> > 15 1111 F
> >
> >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> > > Behalf Of FATHALLAH
> > > Sent: Tuesday, May 27, 2003 11:09 AM
> > > To: lg01; ccielab@groupstudy.com
> > > Subject: RE: Filtering SNA
> > >
> > >
> > > 00 04 08 0B all are multiple of 4. so 0C0C mean that the
> > > first and second
> > > bits must be "0" and Third or/and fourth can be 1 or 0. witch
> > > give you 00,
> > > 04, 08,0B.
> > >
> > > Said FATHALLAH
> > >
> > > -----Message d'origine-----
> > > De : nobody@groupstudy.com
> [mailto:nobody@groupstudy.com]De la part de
> > > lg01
> > >
> Envoyi : mardi 27 mai 2003 11:01
> > > @ : ccielab@groupstudy.com
> > > Objet : Filtering SNA
> > >
> > >
> > > Hello group,
> > >
> > > If anyone can shed some lights on this, that would be greatly
> > > appreciated.
> > >
> > > In an exercise, it asked me to only allow SNA traffic from
> > > RTA. And it said
> > > that the SNA ports used will be 00, 04, 08 & 0B.
> > >
> > > But somehow... the answwer config gives:
> > >
> > > access-list 200 permit 0x0000 0x0C0C
> > >
> > > But I don't understand how they dervie / calculate this ACL.
> > >
> > > Thanks.
> > >
> > > H.
> > >
> > >
> > > _______________________________________________
> > > No banners. No pop-ups. No kidding.
> > > Introducing My Way - http://www.myway.com
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:49 GMT-3