SUMMARY/FLUMMERY (Re: [nsp] prolly a well-known bug, but..)
Len Rose
len at netsys.com
Tue Jul 22 02:09:49 EDT 2003
Rob Thomas contacted me and told me to use the range directive,
which totally solved the issue..
i.e.
access-list 101 deny tcp any host 5.6.7.8 ra 0 65535 log-input
access-list 101 deny udp any host 5.6.7.8 ra 0 65535 log-input
He also enlightened me in regards to the log-input modifier
which is also very useful.
Jon, to answer your question I am embarassed to say 12.03 T3
but it was an edge (very edge) router singly-homed.
Len
On Tue, Jul 22, 2003 at 12:25:05AM -0400, jlewis at lewis.org wrote:
[snipped]
> What did you upgrade from? I think it's been this way for quite some
> time. If you're interested in the port numbers, you need to specify
> a protocol and port ranges after each source/dest wildcard bits.
>
More information about the cisco-nsp
mailing list