R1(config)#access-list 100 permit ? <0-255> An IP protocol number ahp Authentication Header Protocol eigrp Cisco's EIGRP routing protocol esp Encapsulation Security Payload gre Cisco's GRE tunneling icmp Internet Control Message Protocol igmp Internet Gateway Message Protocol ip Any Internet Protocol ipinip IP in IP tunneling nos KA9Q NOS compatible IP over IP tunneling object-group Service object group ospf OSPF routing protocol pcp Payload Compression Protocol pim Protocol Independent Multicast sctp Stream Control Transmission Protocol tcp Transmission Control Protocol udp User Datagram Protocol R1(config)#access-list 100 permit tcp ? A.B.C.D Source address any Any source host host A single source host object-group Source network object group R1(config)#access-list 100 deny tcp 192.168.0.1 ? A.B.C.D Source wildcard bits R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 ? A.B.C.D Destination address any Any destination host eq Match only packets on a given port number gt Match only packets with a greater port number host A single destination host lt Match only packets with a lower port number neq Match only packets not on a given port number object-group Destination network object group range Match only packets in the range of port numbers R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 eq ? <0-65535> Port number bgp Border Gateway Protocol (179) chargen Character generator (19) cmd Remote commands (rcmd, 514) daytime Daytime (13) discard Discard (9) domain Domain Name Service (53) drip Dynamic Routing Information Protocol (3949) echo Echo (7) exec Exec (rsh, 512) finger Finger (79) ftp File Transfer Protocol (21) ftp-data FTP data connections (20) gopher Gopher (70) hostname NIC hostname server (101) ident Ident Protocol (113) irc Internet Relay Chat (194) klogin Kerberos login (543) kshell Kerberos shell (544) login Login (rlogin, 513) lpd Printer service (515) nntp Network News Transport Protocol (119) R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 eq ww? www R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 ? A.B.C.D Destination address any Any destination host eq Match only packets on a given port number gt Match only packets with a greater port number host A single destination host lt Match only packets with a lower port number neq Match only packets not on a given port number object-group Destination network object group range Match only packets in the range of port numbers R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 host 192.168.4.1 ? ack Match on the ACK bit dscp Match packets with given dscp value eq Match only packets on a given port number established Match established connections fin Match on the FIN bit fragments Check non-initial fragments gt Match only packets with a greater port number log Log matches against this entry log-input Log matches against this entry, including input interface lt Match only packets with a lower port number neq Match only packets not on a given port number option Match packets with given IP Options value precedence Match packets with given precedence value psh Match on the PSH bit range Match only packets in the range of port numbers rst Match on the RST bit syn Match on the SYN bit time-range Specify a time-range tos Match packets with given TOS value ttl Match packets with given TTL value urg Match on the URG bit <cr> R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 host 192.168.4.1 eq 23 ? ack Match on the ACK bit dscp Match packets with given dscp value established Match established connections fin Match on the FIN bit log Log matches against this entry log-input Log matches against this entry, including input interface option Match packets with given IP Options value precedence Match packets with given precedence value psh Match on the PSH bit rst Match on the RST bit syn Match on the SYN bit time-range Specify a time-range tos Match packets with given TOS value ttl Match packets with given TTL value urg Match on the URG bit <cr>
access-list 100 deny tcp 192.168.0.1 0.0.0.255 host 192.168.4.1 eq 23
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255 route add default gw 192.168.0.254 eth0
UbuntuDockerGuest-1 console is now available... Press RETURN to get started. root@UbuntuDockerGuest-1:~# root@UbuntuDockerGuest-1:~# ip a bash: ip: command not found root@UbuntuDockerGuest-1:~# ifconfig eth0 Link encap:Ethernet HWaddr 7a:c9:56:35:34:f7 inet6 addr: fe80::78c9:56ff:fe35:34f7/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1296 (1.2 KB) TX bytes:648 (648.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) root@UbuntuDockerGuest-1:~# vim bash: vim: command not found root@UbuntuDockerGuest-1:~# vi root@UbuntuDockerGuest-1:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface dcast 192.168.0.255est-1:~# ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broa root@UbuntuDockerGuest-1:~# route add default gw 192.168.0.254 eth0 root@UbuntuDockerGuest-1:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.0.254 0.0.0.0 UG 0 0 0 eth0 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255 route add default gw 192.168.0.254 eth0
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 route add default gw 192.168.0.254 eth0
ifconfig eth0 192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255 route add default gw 192.168.0.254 eth0
ifconfig eth0 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255 route add default gw 192.168.2.254 eth0
ifconfig eth0 192.168.4.1 netmask 255.255.255.0 broadcast 192.168.4.255 route add default gw 192.168.4.254 eth0
Python,Go,Perl,PHP-5 console is now available... Press RETURN to get started. root@Python,Go,Perl,PHP-5:~# adcast 192.168.4.255PHP-5:~# ifconfig eth0 192.168.4.1 netmask 255.255.255.0 bro root@Python,Go,Perl,PHP-5:~# route add default gw 192.168.4.254 eth0 root@Python,Go,Perl,PHP-5:~# ls root@Python,Go,Perl,PHP-5:~# echo hello>index.html root@Python,Go,Perl,PHP-5:~# php -S 0.0.0.0:80 Created directory: /var/lib/snmp/mib_indexes MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp Cannot find module (SNMPv2-MIB): At line 1 in (none) Cannot find module (IF-MIB): At line 1 in (none) Cannot find module (IP-MIB): At line 1 in (none) Cannot find module (TCP-MIB): At line 1 in (none) Cannot find module (UDP-MIB): At line 1 in (none) Cannot find module (HOST-RESOURCES-MIB): At line 1 in (none) Cannot find module (NOTIFICATION-LOG-MIB): At line 1 in (none) Cannot find module (DISMAN-EVENT-MIB): At line 1 in (none) Cannot find module (DISMAN-SCHEDULE-MIB): At line 1 in (none) Cannot find module (HOST-RESOURCES-TYPES): At line 1 in (none) Cannot find module (MTA-MIB): At line 1 in (none) Cannot find module (NETWORK-SERVICES-MIB): At line 1 in (none) Cannot find module (SNMPv2-TC): At line 15 in /usr/share/snmp/mibs/UCD-DISKIO-MIB.txt Cannot find module (SNMPv2-SMI): At line 34 in /usr/share/snmp/mibs/UCD-SNMP-MIB.txt Cannot find module (SNMPv2-TC): At line 37 in /usr/share/snmp/mibs/UCD-SNMP-MIB.txt Did not find 'enterprises' in module #-1 (/usr/share/snmp/mibs/UCD-SNMP-MIB.txt) Did not find 'DisplayString' in module #-1 (/usr/share/snmp/mibs/UCD-SNMP-MIB.txt) Did not find 'TruthValue' in module #-1 (/usr/share/snmp/mibs/UCD-SNMP-MIB.txt) Unlinked OID in UCD-SNMP-MIB: ucdavis ::= { enterprises 2021 } Undefined identifier: enterprises near line 39 of /usr/share/snmp/mibs/UCD-SNMP-MIB.txt (snip) Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpExampleNotificationObjects ::= { netSnmpExampleNotifications 2 } Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpExampleNotificationPrefix ::= { netSnmpExampleNotifications 0 } Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpHostsTable ::= { netSnmpExampleTables 2 } Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpIETFWGTable ::= { netSnmpExampleTables 1 } Cannot adopt OID in NET-SNMP-PASS-MIB: netSnmpPassOID ::= { netSnmpPassEntry 3 } Cannot adopt OID in NET-SNMP-PASS-MIB: netSnmpPassInteger ::= { netSnmpPassEntry 2 } Cannot adopt OID in NET-SNMP-PASS-MIB: netSnmpPassIndex ::= { netSnmpPassEntry 1 } Cannot adopt OID in NET-SNMP-VACM-MIB: netSnmpVacmMIB ::= { netSnmpObjects 9 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsVersion ::= { netSnmpObjects 1 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsMibRegistry ::= { netSnmpObjects 2 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsExtensions ::= { netSnmpObjects 3 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsDLMod ::= { netSnmpObjects 4 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsCache ::= { netSnmpObjects 5 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsErrorHistory ::= { netSnmpObjects 6 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsConfiguration ::= { netSnmpObjects 7 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsTransactions ::= { netSnmpObjects 8 } Cannot adopt OID in UCD-DEMO-MIB: ucdDemoMIB ::= { ucdavis 14 } Cannot adopt OID in UCD-SNMP-MIB: logMatch ::= { ucdavis 16 } Cannot adopt OID in UCD-SNMP-MIB: fileTable ::= { ucdavis 15 } Cannot adopt OID in UCD-SNMP-MIB: ucdTraps ::= { ucdavis 251 } Cannot adopt OID in UCD-SNMP-MIB: systemStats ::= { ucdavis 11 } Cannot adopt OID in UCD-SNMP-MIB: mrTable ::= { ucdavis 102 } Cannot adopt OID in UCD-SNMP-MIB: snmperrs ::= { ucdavis 101 } Cannot adopt OID in UCD-SNMP-MIB: version ::= { ucdavis 100 } Cannot adopt OID in UCD-SNMP-MIB: laTable ::= { ucdavis 10 } Cannot adopt OID in UCD-SNMP-MIB: dskTable ::= { ucdavis 9 } Cannot adopt OID in UCD-SNMP-MIB: memory ::= { ucdavis 4 } Cannot adopt OID in UCD-SNMP-MIB: extTable ::= { ucdavis 8 } Cannot adopt OID in UCD-SNMP-MIB: prTable ::= { ucdavis 2 } Cannot adopt OID in UCD-SNMP-MIB: ucdSnmpAgent ::= { ucdavis 250 } Cannot adopt OID in UCD-SNMP-MIB: ucdExperimental ::= { ucdavis 13 } Cannot adopt OID in UCD-SNMP-MIB: ucdInternal ::= { ucdavis 12 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsModuleEntry ::= { nsModuleTable 1 } Cannot adopt OID in UCD-SNMP-MIB: dskErrorMsg ::= { dskEntry 101 } Cannot adopt OID in UCD-SNMP-MIB: dskErrorFlag ::= { dskEntry 100 } Cannot adopt OID in UCD-SNMP-MIB: dskUsedHigh ::= { dskEntry 16 } Cannot adopt OID in UCD-SNMP-MIB: dskUsedLow ::= { dskEntry 15 } Cannot adopt OID in UCD-SNMP-MIB: dskAvailHigh ::= { dskEntry 14 } Cannot adopt OID in UCD-SNMP-MIB: dskAvailLow ::= { dskEntry 13 } Cannot adopt OID in UCD-SNMP-MIB: dskTotalHigh ::= { dskEntry 12 } Cannot adopt OID in UCD-SNMP-MIB: dskTotalLow ::= { dskEntry 11 } Cannot adopt OID in UCD-SNMP-MIB: dskPercentNode ::= { dskEntry 10 } Cannot adopt OID in UCD-SNMP-MIB: dskPercent ::= { dskEntry 9 } Cannot adopt OID in UCD-SNMP-MIB: dskUsed ::= { dskEntry 8 } Cannot adopt OID in UCD-SNMP-MIB: dskAvail ::= { dskEntry 7 } Cannot adopt OID in UCD-SNMP-MIB: dskTotal ::= { dskEntry 6 } Cannot adopt OID in UCD-SNMP-MIB: dskMinPercent ::= { dskEntry 5 } Cannot adopt OID in UCD-SNMP-MIB: dskMinimum ::= { dskEntry 4 } Cannot adopt OID in UCD-SNMP-MIB: dskDevice ::= { dskEntry 3 } Cannot adopt OID in UCD-SNMP-MIB: dskPath ::= { dskEntry 2 } Cannot adopt OID in UCD-SNMP-MIB: dskIndex ::= { dskEntry 1 } Cannot adopt OID in UCD-DISKIO-MIB: diskIOTable ::= { ucdDiskIOMIB 1 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLoggingGroup ::= { nsConfigGroups 2 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsDebugGroup ::= { nsConfigGroups 1 } Cannot adopt OID in UCD-SNMP-MIB: snmperrErrMessage ::= { snmperrs 101 } Cannot adopt OID in UCD-SNMP-MIB: snmperrErrorFlag ::= { snmperrs 100 } Cannot adopt OID in UCD-SNMP-MIB: snmperrNames ::= { snmperrs 2 } Cannot adopt OID in UCD-SNMP-MIB: snmperrIndex ::= { snmperrs 1 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsTransactionTable ::= { nsTransactions 1 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogStatus ::= { nsLoggingEntry 5 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogMaxLevel ::= { nsLoggingEntry 4 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogType ::= { nsLoggingEntry 3 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogToken ::= { nsLoggingEntry 2 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogLevel ::= { nsLoggingEntry 1 } Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendResult ::= { nsExtendOutput1Entry 4 } Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutNumLines ::= { nsExtendOutput1Entry 3 } Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutputFull ::= { nsExtendOutput1Entry 2 } Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutput1Line ::= { nsExtendOutput1Entry 1 } Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutLine ::= { nsExtendOutput2Entry 2 } Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendLineIndex ::= { nsExtendOutput2Entry 1 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyStart ::= { netSnmpNotifications 1 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyShutdown ::= { netSnmpNotifications 2 } Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyRestart ::= { netSnmpNotifications 3 } Cannot adopt OID in UCD-SNMP-MIB: laErrMessage ::= { laEntry 101 } Cannot adopt OID in UCD-SNMP-MIB: laErrorFlag ::= { laEntry 100 } Cannot adopt OID in UCD-SNMP-MIB: laLoadFloat ::= { laEntry 6 } Cannot adopt OID in UCD-SNMP-MIB: laLoadInt ::= { laEntry 5 } Cannot adopt OID in UCD-SNMP-MIB: laConfig ::= { laEntry 4 } Cannot adopt OID in UCD-SNMP-MIB: laLoad ::= { laEntry 3 } Cannot adopt OID in UCD-SNMP-MIB: laNames ::= { laEntry 2 } Cannot adopt OID in UCD-SNMP-MIB: laIndex ::= { laEntry 1 } PHP 7.0.28-0ubuntu0.16.04.1 Development Server started at Thu Mar 29 15:31:22 2018 Listening on http://0.0.0.0:80 Document root is /root Press Ctrl-C to quit. [Thu Mar 29 15:32:11 2018] 192.168.0.1:45262 Invalid request (Malformed HTTP request) [Thu Mar 29 15:32:32 2018] 192.168.0.1:45264 [200]: /index.html [Thu Mar 29 22:27:55 2018] 192.168.0.2:45482 Invalid request (Malformed HTTP request) [Thu Mar 29 22:27:58 2018] 192.168.0.2:45484 Invalid request (Malformed HTTP request) [Thu Mar 29 22:28:22 2018] 192.168.0.2:45486 Invalid request (Malformed HTTP request) [Thu Mar 29 22:28:37 2018] 192.168.0.2:45488 [200]: /index.html [Thu Mar 29 22:29:06 2018] 192.168.0.2:45490 [200]: /index.html [Thu Mar 29 22:29:11 2018] 192.168.0.2:45492 [200]: /index.html [Thu Mar 29 22:29:42 2018] 192.168.2.1:48932 [200]: /index.html [Thu Mar 29 22:29:44 2018] 192.168.2.1:48934 [200]: /index.html [Thu Mar 29 22:35:38 2018] 192.168.0.2:45502 Invalid request (Malformed HTTP request) [Thu Mar 29 22:35:41 2018] 192.168.0.1:45282 Invalid request (Malformed HTTP request) [Thu Mar 29 22:35:55 2018] 192.168.2.1:48942 [200]: / [Thu Mar 29 22:37:50 2018] 192.168.2.1:48948 [200]: / [Thu Mar 29 22:43:02 2018] 192.168.0.1:45296 [200]: / [Thu Mar 29 22:43:07 2018] 192.168.0.2:45514 [200]: / [Thu Mar 29 22:43:51 2018] 192.168.2.1:48954 [200]: / [Thu Mar 29 22:48:58 2018] 192.168.0.1:45302 [200]: / [Thu Mar 29 22:51:31 2018] 192.168.2.1:48960 [200]: / [Thu Mar 29 22:56:35 2018] 192.168.2.1:48966 [200]: / [Thu Mar 29 22:56:36 2018] 192.168.0.1:45308 [200]: / [Thu Mar 29 22:56:36 2018] 192.168.0.2:45526 [200]: /
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET /index.html HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host.
PHP: Built-in web server - Manual
ping 192.168.4.1 -c4 cat <<EOF | telnet 192.168.4.1 80 GET /index.html EOF
access-list 100 permit tcp 192.168.0.0 0.0.0.255 192.168.4.1 0.0.0.0 eq 80
access-list 100 permit tcp 192.168.0.0 0.0.0.255 192.168.4.1 0.0.0.0 eq www
int gig0/2 ip access-group 100 in exit
R1(config)#$ 100 permit tcp 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.0 eq www R1(config)#$ 100 permit tcp 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.0 eq 80
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. fawsdfa Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. asdf Connection closed by foreign host.
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host.
R1(config)#int gig0/2 R1(config-if)#ip acc R1(config-if)#ip acce R1(config-if)#ip access-group 100 in R1(config-if)#exit
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... telnet: Unable to connect to remote host: No route to host
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... telnet: Unable to connect to remote host: No route to host
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host.
R1(config)#$ 100 permit tcp 192.168.0.0 0.0.0.255 192.168.4.1 0.0.0.0 eq 80 R1(config)#do sh run | i access-list access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.0 eq www access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.4.1 eq www R1(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.0.254 255.255.255.0 ip access-group 100 in duplex auto speed auto media-type rj45 end
ping 192.168.4.1 -c4
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. From 192.168.0.254 icmp_seq=1 Packet filtered From 192.168.0.254 icmp_seq=2 Packet filtered From 192.168.0.254 icmp_seq=3 Packet filtered From 192.168.0.254 icmp_seq=4 Packet filtered --- 192.168.4.1 ping statistics --- 4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3004ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. From 192.168.0.254 icmp_seq=1 Packet filtered From 192.168.0.254 icmp_seq=2 Packet filtered From 192.168.0.254 icmp_seq=3 Packet filtered From 192.168.0.254 icmp_seq=4 Packet filtered --- 192.168.4.1 ping statistics --- 4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3004ms
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=62 time=5.62 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=62 time=7.07 ms 64 bytes from 192.168.4.1: icmp_seq=3 ttl=62 time=9.38 ms 64 bytes from 192.168.4.1: icmp_seq=4 ttl=62 time=4.60 ms --- 192.168.4.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 4.604/6.671/9.385/1.795 ms
verify major protocol name.
access-list 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log-input
R1(config)#no acc R1(config)#no access-list 10 R1(config)#no access-list 100 R1(config)#no access-list 100 R1(config)#access R1(config)#access-list 100 R1(config)#access-list 100 permi R1(config)#access-list 100 permit R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 ac R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 www R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq ww R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log R1(config)#$t tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log- R1(config)#$t tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log-input R1(config)#do sh run | i access-list access-list 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log-input R1(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.0.254 255.255.255.0 ip access-group 100 in duplex auto speed auto media-type rj45 end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. From 192.168.0.254 icmp_seq=1 Packet filtered From 192.168.0.254 icmp_seq=2 Packet filtered From 192.168.0.254 icmp_seq=3 Packet filtered From 192.168.0.254 icmp_seq=4 Packet filtered --- 192.168.4.1 ping statistics --- 4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3003ms
R1(config)# *Mar 29 22:48:18.186: %SEC-6-IPACCESSLOGP: list 100 permitted tcp 192.168.0.1(45302) (GigabitEthernet0/2 3673.f233.0c62) -> 192.168.4.1(80), 1 packet
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... telnet: Unable to connect to remote host: No route to host root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. From 192.168.0.254 icmp_seq=1 Packet filtered From 192.168.0.254 icmp_seq=2 Packet filtered From 192.168.0.254 icmp_seq=3 Packet filtered From 192.168.0.254 icmp_seq=4 Packet filtered --- 192.168.4.1 ping statistics --- 4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3003ms
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=62 time=4.29 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=62 time=5.08 ms 64 bytes from 192.168.4.1: icmp_seq=3 ttl=62 time=4.37 ms 64 bytes from 192.168.4.1: icmp_seq=4 ttl=62 time=11.1 ms --- 192.168.4.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 4.296/6.227/11.154/2.861 ms
remove access list
R1(config)#no access-list 100 R1(config)#do sh run | i access-list R1(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.0.254 255.255.255.0 ip access-group 100 in duplex auto speed auto media-type rj45 end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=8.00 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=5.86 ms 64 bytes from 192.168.4.1: icmp_seq=3 ttl=61 time=11.7 ms 64 bytes from 192.168.4.1: icmp_seq=4 ttl=61 time=8.13 ms --- 192.168.4.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 5.862/8.440/11.755/2.117 ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.96 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=9.40 ms 64 bytes from 192.168.4.1: icmp_seq=3 ttl=61 time=8.20 ms 64 bytes from 192.168.4.1: icmp_seq=4 ttl=61 time=10.3 ms --- 192.168.4.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 6.961/8.728/10.348/1.277 ms
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c4 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=62 time=7.93 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=62 time=5.58 ms 64 bytes from 192.168.4.1: icmp_seq=3 ttl=62 time=6.26 ms 64 bytes from 192.168.4.1: icmp_seq=4 ttl=62 time=6.05 ms --- 192.168.4.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 5.588/6.460/7.932/0.884 ms
access-list 101 deny ip host 192.168.0.1 host 192.168.4.1 log access-list 101 permit ip 192.168.0.0 0.0.0.255 any int gig0/2 ip access-group 101 in exit
R1(config)#access-list 101 deny ip host 192.168.0.1 host 192.168.4.1 log R1(config)#access-list 101 permit ip 192.168.0.0 0.0.0.255 any R1(config)#int gig0/2 R1(config-if)#ip acc R1(config-if)#ip acce R1(config-if)#ip access-group 101 in R1(config-if)#exit
ping 192.168.4.1 -c2 ping 192.168.0.2 -c2 ping 192.168.0.3 -c2 ping 192.168.2.1 -c2
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. From 192.168.0.254 icmp_seq=1 Packet filtered From 192.168.0.254 icmp_seq=2 Packet filtered --- 192.168.4.1 ping statistics --- 2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1001ms
R1(config)# *Mar 29 23:39:53.477: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.0.1 -> 192.168.4.1 (0/0), 1 packet R1(config)#^Z R1#sh ip R1#sh ip *Mar 29 23:40:22.830: %SYS-5-CONFIG_I: Configured from console by console R1#sh ip ac R1#sh ip acce R1#sh ip access-lists 101 R1#sh ip access-lists 101 Extended IP access list 101 10 deny ip host 192.168.0.1 host 192.168.4.1 log (2 matches) 20 permit ip 192.168.0.0 0.0.0.255 any
root@Python,Go,Perl,PHP-1:~# ping 192.168.0.2 -c2 PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data. 64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.377 ms 64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.166 ms --- 192.168.0.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.166/0.271/0.377/0.106 ms root@Python,Go,Perl,PHP-1:~# ping 192.168.0.3 -c2 PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data. 64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.702 ms 64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.355 ms --- 192.168.0.3 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.355/0.528/0.702/0.175 ms root@Python,Go,Perl,PHP-1:~# ping 192.168.2.1 -c2 PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data. 64 bytes from 192.168.2.1: icmp_seq=1 ttl=62 time=7.63 ms 64 bytes from 192.168.2.1: icmp_seq=2 ttl=62 time=5.40 ms --- 192.168.2.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 5.407/6.519/7.632/1.115 ms
R1(config)#no access-list 101
access-list 102 deny tcp host 192.168.0.1 host 192.168.4.1 eq www access-list 102 permit ip any any
R1(config)#access-list 102 deny tcp host 192.168.0.1 host 192.168.4.1 eq www R1(config)#access-list 102 permit ip any any
telnet 192.168.4.1 80 GET / ping 192.168.4.1 -c1 ping 192.168.2.1 -c1 ping 192.168.0.3 -c1
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host.
something went wrong.
R1(config)#do sh run | i access-list access-list 102 deny tcp host 192.168.0.1 host 192.168.4.1 eq www access-list 102 permit ip any any R1(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.0.254 255.255.255.0 ip access-group 101 in duplex auto speed auto media-type rj45 end
access-group number invalid.
R1(config)#int gig0/2 R1(config-if)#ip acc R1(config-if)#ip acce R1(config-if)#ip access-group 102 % Incomplete command. R1(config-if)#ip access-group 102 in R1(config-if)#exit R1(config)#do sh run | i access-list access-list 102 deny tcp host 192.168.0.1 host 192.168.4.1 eq www access-list 102 permit ip any any R1(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.0.254 255.255.255.0 ip access-group 102 in duplex auto speed auto media-type rj45 end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... telnet: Unable to connect to remote host: No route to host root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c1 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=8.31 ms --- 192.168.4.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 8.310/8.310/8.310/0.000 ms root@Python,Go,Perl,PHP-1:~# ping 192.168.2.1 -c1 PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data. 64 bytes from 192.168.2.1: icmp_seq=1 ttl=62 time=5.71 ms --- 192.168.2.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 5.719/5.719/5.719/0.000 ms root@Python,Go,Perl,PHP-1:~# ping 192.168.0.3 -c1 PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data. 64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.408 ms --- 192.168.0.3 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.408/0.408/0.408/0.000 ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c1 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.22 ms --- 192.168.4.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 6.223/6.223/6.223/0.000 ms root@Python,Go,Perl,PHP-2:~# ping 192.168.2.1 -c1 PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data. 64 bytes from 192.168.2.1: icmp_seq=1 ttl=62 time=5.97 ms --- 192.168.2.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 5.977/5.977/5.977/0.000 ms root@Python,Go,Perl,PHP-2:~# ping 192.168.0.3 -c1 PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data. 64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.645 ms --- 192.168.0.3 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.645/0.645/0.645/0.000 ms
access-list 199 permit tcp host 192.168.4.1 eq 80 192.168.0.0 0.0.0.255 log int gig0/2 ip access-group 102 in exit
R2(config)#$t tcp host 192.168.4.1 eq 80 192.168.0.0 0.0.0.255 log R2(config)#int gig0/2 R2(config-if)#ip acc R2(config-if)#ip acce R2(config-if)#ip access-group 102 in R2(config-if)#exit
R2(config)#do sh run | i access-list access-list 199 permit tcp host 192.168.4.1 eq www 192.168.0.0 0.0.0.255 log R2(config)#do sh run int gig/02 ^ % Invalid input detected at '^' marker. R2(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.4.254 255.255.255.0 ip access-group 102 in duplex auto speed auto media-type rj45 end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.34 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=7.70 ms --- 192.168.4.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 6.348/7.026/7.705/0.683 ms
no logging, ping success, something went wrong.
invalid acl number…. too
interface GigabitEthernet0/2 ip access-group 102 in
R2(config)#int gig0/2 R2(config-if)#ip acc R2(config-if)#ip acce R2(config-if)#ip access-group 199 in R2(config-if)#exit R2(config)#do sh run int gig0/2 Building configuration... Current configuration : 142 bytes ! interface GigabitEthernet0/2 ip address 192.168.4.254 255.255.255.0 ip access-group 199 in duplex auto speed auto media-type rj45 end
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. 64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.34 ms 64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=7.70 ms --- 192.168.4.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 6.348/7.026/7.705/0.683 ms root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. --- 192.168.4.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1007ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80 Trying 192.168.4.1... Connected to 192.168.4.1. Escape character is '^]'. GET / HTTP/0.9 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 6 hello Connection closed by foreign host. root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c2 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. --- 192.168.4.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1008ms
R2(config)# *Mar 30 00:13:20.888: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.168.4.1(80) -> 192.168.0.1(45326), 1 packet R2(config)# *Mar 30 00:14:07.993: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.168.4.1(80) -> 192.168.0.2(45544), 1 packet
ping 192.168.4.1 -c2 ping 192.168.0.1 -c2
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80 Trying 192.168.4.1... telnet: Unable to connect to remote host: Connection timed out root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c2 PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data. --- 192.168.4.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1009ms root@Python,Go,Perl,PHP-4:~# ping 192.168.0.1 -c2 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. 64 bytes from 192.168.0.1: icmp_seq=1 ttl=62 time=5.59 ms 64 bytes from 192.168.0.1: icmp_seq=2 ttl=62 time=6.86 ms --- 192.168.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 5.594/6.231/6.869/0.642 ms