RE: ACL

From: Scott Morris (smorris@internetworkexpert.com)
Date: Sun Nov 23 2008 - 13:09:57 ARST


Absolutely! The first (although poorly written) is a protocol number 59.
The second represents a port number.

Take 17 or 6 as an example. As a protocol number, these represent (at least
if my memory is working this morning) TCP and UDP. As port numbers (ex #2)
they don't really represent much of anything unless some specific app is
using those ports.

HTH,

Scott Morris, CCIE4 #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al.
CCSI/JNCI-M/JNCI-ER
Senior CCIE Instructor

smorris@internetworkexpert.com

 

Knowledge is power.
Power corrupts.
Study hard and be Eeeeviiiil......
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Nitro Drops
Sent: Sunday, November 23, 2008 8:54 AM
To: ccielab@groupstudy.com
Subject: ACL

Any differences between

1.) deny 59 any any

&

2.) deny tcp any any eq 59
    deny udp any any eq 59

Was doing ASET labs. Used method1, but got penalised. Solution using method2.
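Added example, not part of the original thread: a small Python matcher that evaluates the three ACL entries quoted above against constructed IPv4 packets, showing that entry 1 tests the IP header's protocol field while the entries in 2 test the TCP/UDP destination port. The helper names, addresses and source port are assumptions made for illustration, and only the explicit deny lines are modelled, not the rest of an IOS access list.

```python
import re
import struct

# ACL entries quoted from the thread.
METHOD_1 = ["deny 59 any any"]
METHOD_2 = ["deny tcp any any eq 59", "deny udp any any eq 59"]

PROTO_NAMES = {"tcp": 6, "udp": 17}  # IANA IP protocol numbers

def parse_ace(line):
    """Parse 'deny <proto> any any [eq <port>]' into (protocol, dst_port or None)."""
    m = re.fullmatch(r"deny (\S+) any any(?: eq (\d+))?", line.strip())
    if not m:
        raise ValueError(f"unsupported entry: {line!r}")
    name, port = m.group(1), m.group(2)
    proto = PROTO_NAMES[name] if name in PROTO_NAMES else int(name)
    if port is not None and proto not in (6, 17):
        raise ValueError("'eq <port>' only applies to tcp/udp entries")
    return proto, (int(port) if port is not None else None)

def build_packet(protocol, dst_port=None):
    """Constructed sample: 20-byte IPv4 header plus L4 ports when dst_port is given."""
    l4 = struct.pack("!HH", 40000, dst_port) if dst_port is not None else b""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64,
                     protocol, 0,  # protocol field is byte 9 of the header
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
    return ip + l4

def denied(acl, packet):
    """True if an explicit deny entry in acl matches the packet."""
    header_len = (packet[0] & 0x0F) * 4
    protocol = packet[9]
    for line in acl:
        ace_proto, ace_port = parse_ace(line)
        if ace_proto != protocol:
            continue  # entry is for a different IP protocol
        if ace_port is None:
            return True  # protocol-only entry: any packet of that protocol
        # TCP and UDP both carry the destination port in bytes 2-3 of the L4 header.
        (dport,) = struct.unpack_from("!H", packet, header_len + 2)
        if dport == ace_port:
            return True
    return False

if __name__ == "__main__":
    samples = {"tcp/59": build_packet(6, 59), "udp/59": build_packet(17, 59),
               "ip proto 59": build_packet(59), "tcp/80": build_packet(6, 80)}
    for label, pkt in samples.items():
        print(f"{label:12} method1={denied(METHOD_1, pkt)} method2={denied(METHOD_2, pkt)}")
```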



This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:31 ARST