Re: Port 0 Filter (Repost)

From: yuki hisano (yukyhisano@hotmail.com)
Date: Wed Apr 28 2004 - 17:31:41 GMT-3


This worked!

Thanks!

Yuki

>From: "ccie" <ccie@netchild.pub.sa>
>To: "yuki hisano" <yukyhisano@hotmail.com>
>Subject: Re: Port 0 Filter (Repost)
>Date: Wed, 28 Apr 2004 16:01:44 +0300
>
>Hi,
>
>try this access list
>
>access-list 113 permit tcp any 192.168.128.0 0.0.0.255 range 1 65535 log-input
>access-list 113 permit udp any 192.168.128.0 0.0.0.255 range 1 65535 log-input
>access-list 113 permit ip any any
>
>NetChild,
>----- Original Message -----
>From: "yuki hisano" <yukyhisano@hotmail.com>
>To: <ccie@netchild.pub.sa>
>Cc: <ccielab@groupstudy.com>
>Sent: Tuesday, April 27, 2004 8:51 PM
>Subject: Re: Port 0 Filter (Repost)
>
>
> > I have tried it.
> > Here is the result.
> >
> > access-list 113 permit tcp any 192.168.128.0 0.0.0.255 log-input
> > access-list 113 permit udp any 192.168.128.0 0.0.0.255 log-input
> > access-list 113 permit ip any any
> >
> >
> >
> > Apr 27 17:35:09: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.201(0) (Serial0/1 *HDLC*) -> 192.168.128.83(0), 1 packet
> > Apr 27 17:35:19: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.101(0) (Serial0/1 *HDLC*) -> 192.168.128.4(0), 13 packets
> > Apr 27 17:35:23: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.101(0) (Serial0/1 *HDLC*) -> 192.168.128.226(0), 247 packets
> > glory-ny#$-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.201(0)
> > Apr 27 17:35:09: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.201(0)
> >
> > Yuki
> >
> >
> > >From: "ccie" <ccie@netchild.pub.sa>
> > >To: "yuki hisano" <yukyhisano@hotmail.com>
> > >Subject: Re: Port 0 Filter (Repost)
> > >Date: Tue, 27 Apr 2004 20:18:46 +0300
> > >
> > >Hi Yuki,
> > >
> > > > I hooked some access-list just to see what type of port number it is using.
> > > > The result is like this:
> > > >
> > > > source: 192.168.X.X (0) destination 192.168.X.X (0) (they are either TCP or UDP)
> > >
> > >This is not a port 0. When you deny with ip the syslog will show you the port
> > >as (0). To know the real port try to remove the denied ip and put deny
> > >tcp/udp. Check the log and you will see the correct port number.
> > >
> > >NetChild,
> > >
> > >
> >
>
>
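
An added example, not part of the original thread: a Python parser for `%SEC-6-IPACCESSLOGP` lines in the format quoted above. It separates entries logged with `(0)` on both sides, which the thread attributes to an ACL entry that does not match on ports, from entries that carry real port numbers. The sample log lines and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the format shown in the thread (values are made up).
SAMPLE_LOG = """\
Apr 27 17:35:09: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.201(0) (Serial0/1 *HDLC*) -> 192.168.128.83(0), 1 packet
Apr 28 10:02:11: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.101(3312) (Serial0/1 *HDLC*) -> 192.168.128.4(445), 13 packets
Apr 28 10:02:15: %SEC-6-IPACCESSLOGP: list 113 permitted udp 192.168.120.101(1027) (Serial0/1 *HDLC*) -> 192.168.128.226(137), 2 packets
Apr 28 10:02:19: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.168.120.201(0) -> 192.168.128.83(0), 4 packets
"""

LINE_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>tcp|udp) (?P<src>[\d.]+)\((?P<sport>\d+)\)"
    r"(?: \((?P<input>[^)]*)\))? -> "  # interface field appears only with log-input
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse(log_text):
    """Return one dict per IPACCESSLOGP line; ports and count become ints."""
    entries = []
    for m in LINE_RE.finditer(log_text):
        e = m.groupdict()
        for key in ("sport", "dport", "count"):
            e[key] = int(e[key])
        # Both ports 0: per the thread, the matching entry did not test
        # layer-4 ports, so (0) is a placeholder and not real port 0 traffic.
        e["ports_inspected"] = not (e["sport"] == 0 and e["dport"] == 0)
        entries.append(e)
    return entries

def top_dest_ports(entries):
    """Packet counts per (proto, dport), skipping placeholder (0) entries."""
    counts = Counter()
    for e in entries:
        if e["ports_inspected"]:
            counts[(e["proto"], e["dport"])] += e["count"]
    return counts

if __name__ == "__main__":
    parsed = parse(SAMPLE_LOG)
    for e in parsed:
        note = "" if e["ports_inspected"] else "  <- ports not inspected by ACL entry"
        print(f'{e["proto"]} {e["src"]}:{e["sport"]} -> {e["dst"]}:{e["dport"]} x{e["count"]}{note}')
    print(dict(top_dest_ports(parsed)))
```
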



This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:57 GMT-3