From: Lee Donald (Lee.Donald@t-systems.co.uk)
Date: Thu Oct 06 2005 - 11:05:05 GMT-3
Leigh,
How's it going? Your access-list does work however it also includes other
hosts with your list that your not suppose to deny, for example 200.0.2.16
would also be denied using your list but the question does not ask for that.
Regards
Lee.
-----Original Message-----
From: Leigh Harrison [mailto:ccileigh@gmail.com]
Sent: 06 October 2005 14:49
To: ccielab@groupstudy.com
Subject: Double Check access-list
Hey there,
Could someone double check this for me? I think I've been staring at
the screen too long....
From IEWB lab vol 1 17 Q.10
Use the minumum lines necessary to deny these hosts:-
200.0.1.2
200.0.3.2
200.0.3.10
200.0.1.18
200.0.3.26
200.0.1.10
200.0.3.18
200.0.1.26
I worked it out like this:-
128 64 32 16 8 4 2 1 #
0 0 0 0 0 0 0 1 1
0 0 0 0 0 0 1 1 3
0 0 0 0 0 0 1 0 2
0 0 0 0 1 0 1 0 10
0 0 0 1 0 0 1 0 18
0 0 0 1 1 0 1 0 26
From that, in the third octet, the only bit that cnages is 2 and both
variables are present. In the fourth octet, the only bits that change
are the 16 and 8 bits and all 4 variables are present.
So I came up with :-
access-list 1 deny 200.0.1.2 0.0.2.24
access-list 1 permit any
However, the official answer is:-
access-list 1 deny 200.0.1.2 0.0.2.8
access-list 1 deny 200.0.1.18 0.0.2.0
access-list 1 deny 200.0.1.26 0.0.2.0
access-list 1 permit any
Am I missing something ?!?
Time for a brew.....
LH
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3