[rbak-nsp] Policy access-list

Анатолий Соломатин solomatin.av at gmail.com
Fri Jul 12 03:36:38 EDT 2019


Hi,
seq 96 permit tcp host xx.xx.xx.xx any eq 88 class Permit
seq 97 permit tcp host yy.yy.yy.yy any eq 88 class Permit
seq 98 permit tcp any any eq 88 class Deny

"
1.1.2   IP ACL Statements (Rules)
<http://localhost:9032/alexserv?AC=LINK&ID=26857&FN=35_1543-CRA1191170_1-V1Uen.M.html&PA=access-list&ST=FULLTEXT#TOP>
In IP ACLs, each rule defines the action, either permit or deny, to be
taken for a packet if the packet satisfies the rule. A *permit* statement
causes any packet matching the criteria to be accepted. A *deny* statement
causes any packet matching the criteria to be dropped. A packet that does
not match the criteria of the first statement is subjected to the criteria
of the second statement, and so on, until the end of the IP ACL is reached;
at which point, the packet is dropped due to an implicit *deny any any*
statement at the end of every IP ACL."

On Fri, 12 Jul 2019 at 11:49, Bartek Mickiewicz <bmtych at gmail.com> wrote:

> Hi,
> I'm having a problem with policy access-list. I want to block all incoming
> connections to port 88 and allow two IP addresses to access that port.
> I've tried:
> seq 98 permit tcp any any eq 88 class Deny
> seq 103 permit tcp host xx.xx.xx.xx any eq 88 class Permit
> seq 103 permit tcp host yy.yy.yy.yy any eq 88 class Permit
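
The rule ordering discussed in this thread, as an added example that is not part of either post or of the router's software: a minimal first-match evaluator run over both rule lists, plus a check for rules that an earlier rule makes unreachable. The addresses standing in for the masked xx/yy hosts are constructed, and treating the two `seq 103` entries as separate rules in entry order is an assumption.

```python
# Added illustration: first-match evaluation of the two rule lists in the thread.
ANY = None                   # stands for the "any" source keyword
HOST_A = "192.0.2.10"        # constructed stand-in for xx.xx.xx.xx
HOST_B = "192.0.2.20"        # constructed stand-in for yy.yy.yy.yy
OTHER = "198.51.100.7"       # constructed host that is not on the allow list

def rule(seq, src, dport, cls):
    return {"seq": seq, "src": src, "dport": dport, "cls": cls}

# Rule list from the question: the catch-all for port 88 has the lowest seq.
QUESTION_ACL = [rule(98, ANY, 88, "Deny"),
                rule(103, HOST_A, 88, "Permit"),
                rule(103, HOST_B, 88, "Permit")]

# Rule list from the reply: host-specific rules are numbered below the catch-all.
REPLY_ACL = [rule(96, HOST_A, 88, "Permit"),
             rule(97, HOST_B, 88, "Permit"),
             rule(98, ANY, 88, "Deny")]

def ordered(acl):
    # Ascending seq; Python's sort is stable, so equal seqs keep entry order.
    return sorted(acl, key=lambda r: r["seq"])

def covers(earlier, later):
    # True when every packet matching `later` already matches `earlier`.
    return (earlier["dport"] == later["dport"]
            and (earlier["src"] is ANY or earlier["src"] == later["src"]))

def classify(acl, src, dport):
    """Return (seq, class) of the first matching rule, or (None, None)."""
    probe = rule(0, src, dport, None)
    for r in ordered(acl):
        if covers(r, probe):
            return r["seq"], r["cls"]
    return None, None        # end of list reached without a match

def shadowed(acl):
    """Rules that can never match because an earlier rule covers them."""
    seen, dead = [], []
    for r in ordered(acl):
        if any(covers(e, r) for e in seen):
            dead.append((r["seq"], r["src"]))
        seen.append(r)
    return dead

if __name__ == "__main__":
    for name, acl in (("question", QUESTION_ACL), ("reply", REPLY_ACL)):
        for src in (HOST_A, HOST_B, OTHER):
            print(name, src, classify(acl, src, 88))
        print(name, "shadowed rules:", shadowed(acl))
```
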