two or three days ago i was asked to filter outgoing traceroute packets.
matching on source UDP port is like a solution (if you know what ports
are used) :)
On Fri, May 1, 2009 at 2:17 PM, Dale Shaw <dale.shaw_at_gmail.com> wrote:
> I reckon any task that asked you to do that wouldn't actually require
> you to know the range :-)
>
> (in other words, it'd be a reflexive ACL or CBAC task where return
> traffic associated outbound probes would be automagically permitted
> based on a state table entry.)
>
> cheers,
> Dale
>
> On Fri, May 1, 2009 at 1:57 PM, CCIE RS <cc13rs_at_gmail.com> wrote:
>> Thanks for the Link Scott!
>> I am asking this question form the perspective of LAB exam where, If asked
>> to configure an ACL (Somewhere in the path), but still allow outgoing
>> traceroute Packets.
>> I know the UDP port range starts form 33434, but I am clueless about the
>> upper limit. :(
>>
>> -CC13RS.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri May 01 2009 - 14:46:20 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:41 ART