[c-nsp] Match BGP in ACL

[james edwards]

I would just block all IP packets from reaching that interface, if it is
possible,
except for the peering session. BGP sessions can be taken down by a DoS
on any port or protocol. Who really needs to be able to contact this
interface,
directly ?

-- 
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa
jamesh at cybermesa.com
noc at cybermesa.com
(505) 795-7101