From: Ed Lui (edwlui@gmail.com)
Date: Fri May 13 2005 - 01:36:52 GMT-3
Have not tested it. Will it work ?
ip access-list extended policy001
permit tcp any any eq http time-range bushr
permit tcp any any eq https time-range bushr
permit tcp any any eq smtp time-range bushr
deny ip any any bushr
permit ip any any time-range non_bushr
time-range bushr
periodic weekdays 9:00 to 16:59
time-range non_bushr
periodic weekdays 17:00 to 8:50
int xxx (outgoing)
ip access-group policy001 out
On 5/12/05, Loi, Choon Ho <ChoonHo.Loi@getronics.com> wrote:
> The ACL requirement would be:
> From 9am to 5 pm, allow only http, https and smtp
> From 5pm onwards, allow all traffic.
>
> -----Original Message-----
> From: Brian Dennis [mailto:bdennis@internetworkexpert.com]
> Sent: Friday, May 13, 2005 10:51 AM
> To: Loi, Choon Ho; GS
> Subject: RE: Time-base ACL
>
> You may be able to just use the same ACL. Post your ACL requirements.
>
> Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
>
> bdennis@internetworkexpert.com
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Direct: 775-745-6404 (Outside the US and Canada)
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Loi, Choon Ho
> Sent: Thursday, May 12, 2005 7:45 PM
> To: GS
> Subject: Time-base ACL
>
> Hi,
> Is it possible that I use tclsh to control the ACL loading for a
> particular interface?
> Lets say,
> from 9-5 use acl abc, 5-12 use acl def
>
> Thanks.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3