[18586] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

a slight modification to ACL 112

daemon@ATHENA.MIT.EDU (bmanning@ISI.EDU)
Tue Aug 11 09:54:25 1998

From: bmanning@ISI.EDU
To: nanog@merit.edu, apops@apnic.net, eof-list@ripe.net
Date: Tue, 11 Aug 1998 06:12:44 -0700 (PDT)


For those of you with access lists, I've made this small modification to
the list that I originally got via Andrew Partan. You may wish to consider
the change in respect to your own acls.  In cisco format:


access-list 112 deny   ip host 0.0.0.0 any
!	Loopback
access-list 112 deny   ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
!	RFC 1918 space
access-list 112 deny   ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 112 deny   ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 112 deny   ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
!	Test Network
access-list 112 deny   ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
! 	IPv4 LinkLocal
access-list 112 deny   ip 169.254.0.0 0.0.255.255 255.255.0.0 0.0.255.255


--bill


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[18586] in North American Network Operators' Group

a slight modification to ACL 112

daemon@ATHENA.MIT.EDU (bmanning@ISI.EDU)Tue Aug 11 09:54:25 1998

daemon@ATHENA.MIT.EDU (bmanning@ISI.EDU)
Tue Aug 11 09:54:25 1998