[nsp] some filter questions

• Next message: Danny McPherson: "Re: [nsp] some filter questions"
• Previous message: Barry L. Bruins: "Re: [nsp] NFAS on AS5300"
• Next in thread: Danny McPherson: "Re: [nsp] some filter questions"
• Maybe reply: Danny McPherson: "Re: [nsp] some filter questions"
• Maybe reply: Janos Zsako: "Re: [nsp] some filter questions"
• Reply: Fredrik Widell: "Re: [nsp] some filter questions"
• Maybe reply: Danny McPherson: "Re: [nsp] some filter questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

I currently use 10.3 and I have a question on ip packet filter.

It thought I knew how tut it fails to filter.

I create access-list 105 as follow
access-list 105 deny udp any any eq netbios-ns
access-list 105 deny tcp any any eq 137
access-list 105 deny tcp any any eq 138
access-list 105 deny tcp any any eq 139
access-list 105 permit ip any any

and I put into etherport say 5 as follow

ip access-list 105 in

then I ping with land host 139, it will kill the machine.
why?

does it suppose to ?

I thought I filter the packet via accesss-list 105.

what did I do wrong?

thnx in adv.

tatsuya

いつもお世話になっております かわさき@ giganetです。

かわさき

= = = = = =
電話 03-3239-0607 fax 03-3239-2609
business network telecom
http://www.giganet.net

• Next message: Danny McPherson: "Re: [nsp] some filter questions"
• Previous message: Barry L. Bruins: "Re: [nsp] NFAS on AS5300"
• Next in thread: Danny McPherson: "Re: [nsp] some filter questions"
• Maybe reply: Danny McPherson: "Re: [nsp] some filter questions"
• Maybe reply: Janos Zsako: "Re: [nsp] some filter questions"
• Reply: Fredrik Widell: "Re: [nsp] some filter questions"
• Maybe reply: Danny McPherson: "Re: [nsp] some filter questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:15 EDT