Re: ftp acl

From: Héctor Fernández (gnakh@telefonica.net)
Date: Fri Aug 05 2005 - 13:40:29 GMT-3


Hi all,

It depends on whether it's an FTP server or a client.

If it's for an FTP client, your first guess is right.
If it's for an FTP server, the last two statements on your second guess are
your right choice.
If your wish is for any FTP traffic (both from a server or from a client),
choose the second.

On ACLs, I try to visualize the situation:

FTP Standard mode - control connection (arrow means the direction the
connection is created, but keep in mind TCP traffic is bidirectional):
[server] (dport 21) <----[router]<----("random" sport)[client]
FTP Standard mode - data connection/s:
[server] (dport 20) ---->[router]---->("negotiated" sport)[client]

So, depending on where you want to place the ACL, pick the right statements.

Best regards

Héctor

----- Original Message -----
From: "Rajib Khan" <rajib56666@yahoo.com>
To: <ccielab@groupstudy.com>
Sent: Friday, August 05, 2005 6:16 PM
Subject: ftp acl

> Hi Group
>
> I am trying to find out the correct FTP ACL for QoS.
>
> Out of the 2 ACLs, which one would be the correct ACL for FTP QoS?
>
> 1. access 120 per tcp 1.1.1.0 0.0.0.255 any eq ftp
>
> access 120 per tcp 1.1.1.0 0.0.0.255 any eq ftp-data
>
>
> or
>
>
> 2. access 120 per tcp 1.1.1.0 0.0.0.255 any eq ftp
> access 120 per tcp 1.1.1.0 0.0.0.255 any eq ftp-data
> access 120 per tcp 1.1.1.0 0.0.0.255 eq ftp any
> access 120 per tcp 1.1.1.0 0.0.0.255 eq ftp-data any
>
>
> Thanks in advance
>
> Raj
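The two candidate ACLs from the thread, checked against sample packets. This is an added example, not part of the original messages: it models first-match evaluation of `permit tcp` entries with wildcard masks, and the host addresses, ports and function names are constructed for illustration. It also goes one step beyond the thread by including a passive-mode data packet.

```python
import ipaddress

PORTS = {"ftp": 21, "ftp-data": 20}  # IOS port keywords used in the thread

def parse_ace(text):
    """Parse 'permit tcp <src> [eq port] <dst> [eq port]' (small subset of IOS syntax)."""
    tok = text.split()
    if tok[:2] != ["permit", "tcp"]:
        raise ValueError("only 'permit tcp' entries are modelled")
    i, ends = 2, []
    for _ in range(2):  # source spec, then destination spec
        if tok[i] == "any":
            net, wild, i = 0, 0xFFFFFFFF, i + 1
        else:
            net = int(ipaddress.IPv4Address(tok[i]))
            wild = int(ipaddress.IPv4Address(tok[i + 1]))
            i += 2
        port = None
        if i < len(tok) and tok[i] == "eq":
            port = PORTS.get(tok[i + 1]) or int(tok[i + 1])
            i += 2
        ends.append((net, wild, port))
    return ends

def side_matches(end, ip, port):
    net, wild, want = end
    addr = int(ipaddress.IPv4Address(ip))
    # Wildcard-mask bits set to 1 are "don't care"
    return (addr | wild) == (net | wild) and want in (None, port)

def classify(acl, pkt):
    """Return the 1-based number of the first matching entry, 0 if none matches."""
    src, sport, dst, dport = pkt
    for n, ace in enumerate(acl, 1):
        s, d = parse_ace(ace)
        if side_matches(s, src, sport) and side_matches(d, dst, dport):
            return n
    return 0

NET = "1.1.1.0 0.0.0.255"
ACL1 = [f"permit tcp {NET} any eq ftp", f"permit tcp {NET} any eq ftp-data"]
ACL2 = ACL1 + [f"permit tcp {NET} eq ftp any", f"permit tcp {NET} eq ftp-data any"]

# Constructed packets: (src ip, src port, dst ip, dst port)
CLIENT_CTRL = ("1.1.1.10", 40000, "2.2.2.2", 21)      # client in 1.1.1.0/24, control
CLIENT_DATA = ("1.1.1.10", 40001, "2.2.2.2", 20)      # client side of active data conn
SERVER_CTRL = ("1.1.1.20", 21, "3.3.3.3", 40000)      # server in 1.1.1.0/24, control
SERVER_DATA = ("1.1.1.20", 20, "3.3.3.3", 40001)      # server side of active data conn
PASSIVE_DATA = ("1.1.1.10", 40002, "2.2.2.2", 50000)  # passive mode: both ports negotiated
```

Packets sent by a server inside 1.1.1.0/24 match only the last two entries of the second ACL, and the passive-mode data packet matches neither ACL, so port-based classification alone does not cover passive transfers.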



This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:18 GMT-3