acl question

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
who can tell what range of addresses this acl would block?

deny tcp 192.168.96.0 0.0.15.255 any eq smtp



Re: acl question
On Wed, 06 Sep 2006 15:07:04 -0800, Larry Jones wrote:

Quoted text here. Click to load it

all of them due to the implicit deny at the end.

if you're really wondering about the address range for the 192.168.96.0/20
network...then:

network ID: 192.168.96.0 255.255.240.0
broadcast ID: 192.168.111.255
host range: 192.168.96.1 - 192.168.111.254

Re: acl question

Quoted text here. Click to load it

you have to include 192.168.111.255 as the question asked what addresses the
acl rule would block and as we don't know that there is any such
192.168.96.0/20 network "192.168.111.255 could well be a host address ...
not necessarily a broadcast address.

BernieM



Re: acl question
On Thu, 07 Sep 2006 06:40:48 +0000, BernieM wrote:

Quoted text here. Click to load it

as stated in the original post , that "acl" (aka access control list, NOT
access control entry) blocks EVERYTHING because of the implicit deny.  

Re: acl question

Quoted text here. Click to load it

Yes I know that but I was correcting our exclusion of 192.168.111.255 in the
acl 'entry'.

BernieM



Re: acl question

Quoted text here. Click to load it

Yes I know that but I was correcting your exclusion of 192.168.111.255 in
the
acl 'entry'.

BernieM



Re: acl question
thanks,

I was reffering to just  the acl statement (my bad)...of courses there has
to be a permit statement or else all is denied...

Quoted text here. Click to load it



Re: acl question
Larry Jones wrote:
Quoted text here. Click to load it

this would check for 192.168.96.0 to 192.168.111.255

i think :)

Gordon.


Site Timeline