[nsp] Script to check for unused ACLs
Mussie
mussieg at comcast.net
Fri Jan 2 12:33:29 EST 2004
John:
Good stuff and timely. I've noticed you didn't include 'vpn' stuff such as
"match address ##" which is subcommand to "crypto map" statement. I've
tested this against Cisco-PIX, it works just as well.
Regards,
-Mussie G.
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of John Kristoff
Sent: Friday, January 02, 2004 12:00 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [nsp] Script to check for unused ACLs
On Fri, 02 Jan 2004 17:53:36 +0100
Steffen Voigt <steffen at electrolyte.de> wrote:
> you forget about the bgp stuff (as path acl's), i modified one line
> below ;-)
Thanks. Also, for those wondering... there is purposely no '-i' switch
on the egrep line. I've seen two different ACLs like this, one used,
one not:
ip access-list extended interface-customer-in
ip access-list extended Interface-customer-in
John
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list