Access list

From: Joseph D. Phillips (jphillips@ufcwdrugtrust.org)
Date: Wed Mar 31 2004 - 21:24:01 GMT-3

• Next message: Scott, Tyson C: "RE: Access list"
• Previous message: Joseph D. Phillips: "Access list"
• Next in thread: R. Adjakou/Home: "Re: Access list"
• Maybe reply: R. Adjakou/Home: "Re: Access list"
• Maybe reply: William Chen: "Re: Access list"
• Maybe reply: Scott, Tyson C: "RE: Access list"
• Maybe reply: Scott, Tyson C: "RE: Access list"
• Maybe reply: Joseph D. Phillips: "RE: Access list"
• Maybe reply: Scott, Tyson C: "RE: Access list"
• Maybe reply: R. Adjakou/Home: "Re: Access list"
• Maybe reply: Scott Morris: "RE: Access list"
• Maybe reply: Scott Morris: "RE: Access list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

OK, I'll ask a more specific question. (I posted this in the internetworkexpert forum, too, by the way. I do think it's an important-enough topic to merit discussion here, though.)

How do you get from:

        Block these:
                1.10
                1.18
                1.2
                1.26
                3.10
                3.18
                3.2
                3.26
                
        to:

        deny x.x.1.2 0.0.2.8
        deny x.x.1.18 0.0.2.0
        deny x.x.1.26 0.0.2.0
        per any

-----Original Message-----
From: William Chen [mailto:kwchen@netvigator.com]
Sent: Wednesday, March 31, 2004 16:18
To: Joseph D. Phillips; Group Study (E-mail)
Subject: Re: Access list

Hi Joseph,

   The binary pattern you try to match is 000000X1 000XX010, where X can be
either 1 or 0. Isn't it?

   Then you should work out the inverse mark of the ACL easier.

Best Regards,
William Chen

----- Original Message -----
From: "Joseph D. Phillips" <jphillips@ufcwdrugtrust.org>
To: "Group Study (E-mail)" <ccielab@groupstudy.com>
Sent: Thursday, April 01, 2004 7:51 AM
Subject: Access list

> I've spent the entire afternoon on a single access list and still can't
figure out the logic. I've looked up articles, and converted everything to
binary and still can't make sense of this.
>
> Given the following networks (last two octets relevant), I need to block
them all in as few lines as possible. Some of you people can do this in your
heads. Simpletons like me, however, can't.
>
> These are the networks:
>
> 1.2
> 1.10
> 1.18
> 1.26
> 3.2
> 3.10
> 3.18
> 3.26
>
> In binary it looks like:
>
> 1 2 00000001 00000010
> 1 10 00000001 00001010
> 1 18 00000001 00010010
> 1 26 00000001 00011010
> 3 2 00000011 00000010
> 3 10 00000011 00001010
> 3 18 00000011 00010010
> 3 26 00000011 00011010
>
> What do I do after that? I know how to summarize them all into one
statement, but I need specific deny statements that only apply to the
networks to be blocked and to none else.
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Scott, Tyson C: "RE: Access list"
• Previous message: Joseph D. Phillips: "Access list"
• Next in thread: R. Adjakou/Home: "Re: Access list"
• Maybe reply: R. Adjakou/Home: "Re: Access list"
• Maybe reply: William Chen: "Re: Access list"
• Maybe reply: Scott, Tyson C: "RE: Access list"
• Maybe reply: Scott, Tyson C: "RE: Access list"
• Maybe reply: Joseph D. Phillips: "RE: Access list"
• Maybe reply: Scott, Tyson C: "RE: Access list"
• Maybe reply: R. Adjakou/Home: "Re: Access list"
• Maybe reply: Scott Morris: "RE: Access list"
• Maybe reply: Scott Morris: "RE: Access list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:50 GMT-3