Re: Classifying incoming vs outgoing HTTP traffic

From: naveen M S <navin.ms_at_gmail.com>
Date: Thu, 2 Apr 2009 11:38:10 -0700

Thanks Divin. This is my understanding.

WebClient---------------------------------WebServer

1) For Traffic flowing from Client to Server:
         Src TCP port = Any
         Dest TCP port = 80

2) For traffic flowing from Server to Client:
        Src TCP port = 80
        Dest TCP port = 80

Is this correct ?

On Thu, Apr 2, 2009 at 11:19 AM, Divin Mathew John <divinjohn_at_gmail.com> wrote:

> I think destination port would be more apt, because to connect to a normal
> HTTP webserver you would use port 80 to connect to the web server and not
> necessarily port 80 on your computer.
> Thanking You
>
> Yours Sincerely
>
> Divin Mathew John
> divinjohn_at_gmail.com
> divin_at_dide3d.com
> +91 9945430983
> +91 9846697191
> +974 5008916
> PGP PUBLIC KEY BLOCK @ http://www.dide3d.com/divin_Public_PGP_key.txt
> Sent from Bangalore, KA, India
>
> On Thu, Apr 2, 2009 at 11:44 PM, naveen M S <navin.ms_at_gmail.com> wrote:
>
>> Group,
>>
>> I have trouble translating these statements to ACLs.
>>
>> 1) All HTTP traffic coming from Vlan 34.
>> 2) All HTTP traffic coming from R1 on Vlan 34.
>> 3) All HTTP traffic coming from Web Server on Vlan 34.
>> 4) All HTTP traffic going out to Vlan 34.
>> 5) All HTTP traffic going out to Web Server on Vlan 34.
>>
>> *Question is:*
>> Should I match both Source and Destination TCP port to 80 (or) just one of
>> them ?
>> Assume Vlan 34 = 10.1.34.0/24, R1 = 10.1.34.1/24, WebServer =
>> 10.1.34.100/24
>>
>> My solutions for the above are:
>>
>> a) Match source tcp port = 80 for incoming HTTP traffic
>> b) Match destination tcp port = 80 for outgoing HTTP traffic.
>>
>> 1) ip access-list extended V34_in
>> permit tcp 10.1.34.0 0.0.0.255 eq www any
>>
>> 2) ip access-list extended V34_R1_in
>> permit tcp 10.1.34.1 0.0.0.0 eq www any
>>
>> 3) ip access-list extended V34_WS_in
>> permit tcp 10.1.34.100 0.0.0.0 eq www any
>>
>> 4) ip access-list extended V34_out
>> permit tcp any 10.1.34.0 0.0.0.255 eq www
>>
>> 5) ip access-list extended V34_WS_out
>> permit tcp any 10.1.34.100 0.0.0.0 eq www
>>
>> Can someone please highlight the Source & Destination TCP ports for HTTP
>> traffic in both directions ?
>>
>> Thanks very much,
>> Naveen.
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>

Received on Thu Apr 02 2009 - 11:38:10 ART

This archive was generated by hypermail 2.2.0 : Mon May 04 2009 - 07:39:11 ART
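
Added example, not part of the thread: a small Python model of how an IOS extended ACL entry compares source and destination address and port, run against both directions of one HTTP connection to the web server at 10.1.34.100. The client address, the ephemeral port 49152 and all function names are constructed for illustration, and the model covers only `permit tcp` with `eq` port matching.

```python
import ipaddress
from typing import NamedTuple, Optional

class Ace(NamedTuple):
    """permit tcp <src> <src_wild> [eq src_port] <dst> <dst_wild> [eq dst_port]"""
    src: str
    src_wild: str
    src_port: Optional[int]   # None = no port operator on this side
    dst: str
    dst_wild: str
    dst_port: Optional[int]

ANY = ("0.0.0.0", "255.255.255.255")  # IOS keyword "any"
WWW = 80                               # IOS keyword "www"
SERVER = "10.1.34.100"                 # WebServer address given in the thread
CLIENT = "10.1.50.7"                   # constructed client outside Vlan 34

# Three candidate entries, keyed by their IOS text.
ACES = {
    "permit tcp any host 10.1.34.100 eq www": Ace(*ANY, None, SERVER, "0.0.0.0", WWW),
    "permit tcp host 10.1.34.100 eq www any": Ace(SERVER, "0.0.0.0", WWW, *ANY, None),
    "permit tcp any eq www host 10.1.34.100 eq www": Ace(*ANY, WWW, SERVER, "0.0.0.0", WWW),
}

# Constructed packets: (src_ip, src_port, dst_ip, dst_port) for one HTTP flow.
REQUEST = (CLIENT, 49152, SERVER, 80)   # client -> server
REPLY = (SERVER, 80, CLIENT, 49152)     # server -> client, ports swapped

def wild_match(addr: str, base: str, wild: str) -> bool:
    """Wildcard-mask compare: bits set to 1 in the mask are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wild))
    return (a | w) == (b | w)

def permits(ace: Ace, pkt: tuple) -> bool:
    sip, sport, dip, dport = pkt
    return (wild_match(sip, ace.src, ace.src_wild)
            and wild_match(dip, ace.dst, ace.dst_wild)
            and ace.src_port in (None, sport)
            and ace.dst_port in (None, dport))

def matching(pkt: tuple) -> list:
    """Return the IOS text of every candidate entry that permits the packet."""
    return [text for text, ace in ACES.items() if permits(ace, pkt)]

if __name__ == "__main__":
    print("request:", matching(REQUEST))
    print("reply:  ", matching(REPLY))
```

The entry that sets `eq www` on both sides matches neither packet, because the client side of the connection uses an ephemeral port in both directions.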