PG1X LASTHOPE WIKI

My Knowledge Base

User Tools

Site Tools

You are here: PG1X LASTHOPE WIKI » Technology » Networking » ACL: Extended ACL
Trace: ACL: Extended ACL
tech:network:extended-acl:extended-acl

ACL: Extended ACL

, ,

Virtual Lab 

R1(config)#access-list 100  permit ?
  <0-255>       An IP protocol number
  ahp           Authentication Header Protocol
  eigrp         Cisco's EIGRP routing protocol
  esp           Encapsulation Security Payload
  gre           Cisco's GRE tunneling
  icmp          Internet Control Message Protocol
  igmp          Internet Gateway Message Protocol
  ip            Any Internet Protocol
  ipinip        IP in IP tunneling
  nos           KA9Q NOS compatible IP over IP tunneling
  object-group  Service object group
  ospf          OSPF routing protocol
  pcp           Payload Compression Protocol
  pim           Protocol Independent Multicast
  sctp          Stream Control Transmission Protocol
  tcp           Transmission Control Protocol
  udp           User Datagram Protocol
R1(config)#access-list 100 permit tcp ?
  A.B.C.D       Source address
  any           Any source host
  host          A single source host
  object-group  Source network object group

R1(config)#access-list 100 deny tcp 192.168.0.1 ?
  A.B.C.D  Source wildcard bits

R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 ?
  A.B.C.D       Destination address
  any           Any destination host
  eq            Match only packets on a given port number
  gt            Match only packets with a greater port number
  host          A single destination host
  lt            Match only packets with a lower port number
  neq           Match only packets not on a given port number
  object-group  Destination network object group
  range         Match only packets in the range of port numbers

R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 eq ?
  <0-65535>    Port number
  bgp          Border Gateway Protocol (179)
  chargen      Character generator (19)
  cmd          Remote commands (rcmd, 514)
  daytime      Daytime (13)
  discard      Discard (9)
  domain       Domain Name Service (53)
  drip         Dynamic Routing Information Protocol (3949)
  echo         Echo (7)
  exec         Exec (rsh, 512)
  finger       Finger (79)
  ftp          File Transfer Protocol (21)
  ftp-data     FTP data connections (20)
  gopher       Gopher (70)
  hostname     NIC hostname server (101)
  ident        Ident Protocol (113)
  irc          Internet Relay Chat (194)
  klogin       Kerberos login (543)
  kshell       Kerberos shell (544)
  login        Login (rlogin, 513)
  lpd          Printer service (515)
  nntp         Network News Transport Protocol (119)

R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 eq ww?
www

R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 ?
  A.B.C.D       Destination address
  any           Any destination host
  eq            Match only packets on a given port number
  gt            Match only packets with a greater port number
  host          A single destination host
  lt            Match only packets with a lower port number
  neq           Match only packets not on a given port number
  object-group  Destination network object group
  range         Match only packets in the range of port numbers

R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 host 192.168.4.1 ?
  ack          Match on the ACK bit
  dscp         Match packets with given dscp value
  eq           Match only packets on a given port number
  established  Match established connections
  fin          Match on the FIN bit
  fragments    Check non-initial fragments
  gt           Match only packets with a greater port number
  log          Log matches against this entry
  log-input    Log matches against this entry, including input interface
  lt           Match only packets with a lower port number
  neq          Match only packets not on a given port number
  option       Match packets with given IP Options value
  precedence   Match packets with given precedence value
  psh          Match on the PSH bit
  range        Match only packets in the range of port numbers
  rst          Match on the RST bit
  syn          Match on the SYN bit
  time-range   Specify a time-range
  tos          Match packets with given TOS value
  ttl          Match packets with given TTL value
  urg          Match on the URG bit
  <cr>

R1(config)#access-list 100 deny tcp 192.168.0.1 0.0.0.255 host 192.168.4.1 eq 23 ?
  ack          Match on the ACK bit
  dscp         Match packets with given dscp value
  established  Match established connections
  fin          Match on the FIN bit
  log          Log matches against this entry
  log-input    Log matches against this entry, including input interface
  option       Match packets with given IP Options value
  precedence   Match packets with given precedence value
  psh          Match on the PSH bit
  rst          Match on the RST bit
  syn          Match on the SYN bit
  time-range   Specify a time-range
  tos          Match packets with given TOS value
  ttl          Match packets with given TTL value
  urg          Match on the URG bit
  <cr>
access-list 100 deny tcp 192.168.0.1 0.0.0.255 host 192.168.4.1 eq 23
  1. 15 Useful "ifconfig" Commands to Configure Network Interface in Linux
  2. How to Add or Change the Default Gateway in Linux: 9 Steps
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255
route add default gw 192.168.0.254 eth0
UbuntuDockerGuest-1 console is now available... Press RETURN to get started.
root@UbuntuDockerGuest-1:~#
root@UbuntuDockerGuest-1:~# ip a
bash: ip: command not found
root@UbuntuDockerGuest-1:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 7a:c9:56:35:34:f7
          inet6 addr: fe80::78c9:56ff:fe35:34f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1296 (1.2 KB)  TX bytes:648 (648.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@UbuntuDockerGuest-1:~# vim
bash: vim: command not found
root@UbuntuDockerGuest-1:~# vi
root@UbuntuDockerGuest-1:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
dcast 192.168.0.255est-1:~# ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broa
root@UbuntuDockerGuest-1:~# route add default gw 192.168.0.254 eth0
root@UbuntuDockerGuest-1:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.254   0.0.0.0         UG    0      0        0 eth0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255
route add default gw 192.168.0.254 eth0
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255
route add default gw 192.168.0.254 eth0
ifconfig eth0 192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255
route add default gw 192.168.0.254 eth0
ifconfig eth0 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
route add default gw 192.168.2.254 eth0
ifconfig eth0 192.168.4.1 netmask 255.255.255.0 broadcast 192.168.4.255
route add default gw 192.168.4.254 eth0
Python,Go,Perl,PHP-5 console is now available... Press RETURN to get started.
root@Python,Go,Perl,PHP-5:~#
adcast 192.168.4.255PHP-5:~# ifconfig eth0 192.168.4.1 netmask 255.255.255.0 bro
root@Python,Go,Perl,PHP-5:~# route add default gw 192.168.4.254 eth0
root@Python,Go,Perl,PHP-5:~# ls
root@Python,Go,Perl,PHP-5:~# echo hello>index.html
root@Python,Go,Perl,PHP-5:~# php -S 0.0.0.0:80
Created directory: /var/lib/snmp/mib_indexes
MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp
Cannot find module (SNMPv2-MIB): At line 1 in (none)
Cannot find module (IF-MIB): At line 1 in (none)
Cannot find module (IP-MIB): At line 1 in (none)
Cannot find module (TCP-MIB): At line 1 in (none)
Cannot find module (UDP-MIB): At line 1 in (none)
Cannot find module (HOST-RESOURCES-MIB): At line 1 in (none)
Cannot find module (NOTIFICATION-LOG-MIB): At line 1 in (none)
Cannot find module (DISMAN-EVENT-MIB): At line 1 in (none)
Cannot find module (DISMAN-SCHEDULE-MIB): At line 1 in (none)
Cannot find module (HOST-RESOURCES-TYPES): At line 1 in (none)
Cannot find module (MTA-MIB): At line 1 in (none)
Cannot find module (NETWORK-SERVICES-MIB): At line 1 in (none)
Cannot find module (SNMPv2-TC): At line 15 in /usr/share/snmp/mibs/UCD-DISKIO-MIB.txt
Cannot find module (SNMPv2-SMI): At line 34 in /usr/share/snmp/mibs/UCD-SNMP-MIB.txt
Cannot find module (SNMPv2-TC): At line 37 in /usr/share/snmp/mibs/UCD-SNMP-MIB.txt
Did not find 'enterprises' in module #-1 (/usr/share/snmp/mibs/UCD-SNMP-MIB.txt)
Did not find 'DisplayString' in module #-1 (/usr/share/snmp/mibs/UCD-SNMP-MIB.txt)
Did not find 'TruthValue' in module #-1 (/usr/share/snmp/mibs/UCD-SNMP-MIB.txt)
Unlinked OID in UCD-SNMP-MIB: ucdavis ::= { enterprises 2021 }
Undefined identifier: enterprises near line 39 of /usr/share/snmp/mibs/UCD-SNMP-MIB.txt
(snip)
Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpExampleNotificationObjects ::= { netSnmpExampleNotifications 2 }
Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpExampleNotificationPrefix ::= { netSnmpExampleNotifications 0 }
Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpHostsTable ::= { netSnmpExampleTables 2 }
Cannot adopt OID in NET-SNMP-EXAMPLES-MIB: netSnmpIETFWGTable ::= { netSnmpExampleTables 1 }
Cannot adopt OID in NET-SNMP-PASS-MIB: netSnmpPassOID ::= { netSnmpPassEntry 3 }
Cannot adopt OID in NET-SNMP-PASS-MIB: netSnmpPassInteger ::= { netSnmpPassEntry 2 }
Cannot adopt OID in NET-SNMP-PASS-MIB: netSnmpPassIndex ::= { netSnmpPassEntry 1 }
Cannot adopt OID in NET-SNMP-VACM-MIB: netSnmpVacmMIB ::= { netSnmpObjects 9 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsVersion ::= { netSnmpObjects 1 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsMibRegistry ::= { netSnmpObjects 2 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsExtensions ::= { netSnmpObjects 3 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsDLMod ::= { netSnmpObjects 4 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsCache ::= { netSnmpObjects 5 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsErrorHistory ::= { netSnmpObjects 6 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsConfiguration ::= { netSnmpObjects 7 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsTransactions ::= { netSnmpObjects 8 }
Cannot adopt OID in UCD-DEMO-MIB: ucdDemoMIB ::= { ucdavis 14 }
Cannot adopt OID in UCD-SNMP-MIB: logMatch ::= { ucdavis 16 }
Cannot adopt OID in UCD-SNMP-MIB: fileTable ::= { ucdavis 15 }
Cannot adopt OID in UCD-SNMP-MIB: ucdTraps ::= { ucdavis 251 }
Cannot adopt OID in UCD-SNMP-MIB: systemStats ::= { ucdavis 11 }
Cannot adopt OID in UCD-SNMP-MIB: mrTable ::= { ucdavis 102 }
Cannot adopt OID in UCD-SNMP-MIB: snmperrs ::= { ucdavis 101 }
Cannot adopt OID in UCD-SNMP-MIB: version ::= { ucdavis 100 }
Cannot adopt OID in UCD-SNMP-MIB: laTable ::= { ucdavis 10 }
Cannot adopt OID in UCD-SNMP-MIB: dskTable ::= { ucdavis 9 }
Cannot adopt OID in UCD-SNMP-MIB: memory ::= { ucdavis 4 }
Cannot adopt OID in UCD-SNMP-MIB: extTable ::= { ucdavis 8 }
Cannot adopt OID in UCD-SNMP-MIB: prTable ::= { ucdavis 2 }
Cannot adopt OID in UCD-SNMP-MIB: ucdSnmpAgent ::= { ucdavis 250 }
Cannot adopt OID in UCD-SNMP-MIB: ucdExperimental ::= { ucdavis 13 }
Cannot adopt OID in UCD-SNMP-MIB: ucdInternal ::= { ucdavis 12 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsModuleEntry ::= { nsModuleTable 1 }
Cannot adopt OID in UCD-SNMP-MIB: dskErrorMsg ::= { dskEntry 101 }
Cannot adopt OID in UCD-SNMP-MIB: dskErrorFlag ::= { dskEntry 100 }
Cannot adopt OID in UCD-SNMP-MIB: dskUsedHigh ::= { dskEntry 16 }
Cannot adopt OID in UCD-SNMP-MIB: dskUsedLow ::= { dskEntry 15 }
Cannot adopt OID in UCD-SNMP-MIB: dskAvailHigh ::= { dskEntry 14 }
Cannot adopt OID in UCD-SNMP-MIB: dskAvailLow ::= { dskEntry 13 }
Cannot adopt OID in UCD-SNMP-MIB: dskTotalHigh ::= { dskEntry 12 }
Cannot adopt OID in UCD-SNMP-MIB: dskTotalLow ::= { dskEntry 11 }
Cannot adopt OID in UCD-SNMP-MIB: dskPercentNode ::= { dskEntry 10 }
Cannot adopt OID in UCD-SNMP-MIB: dskPercent ::= { dskEntry 9 }
Cannot adopt OID in UCD-SNMP-MIB: dskUsed ::= { dskEntry 8 }
Cannot adopt OID in UCD-SNMP-MIB: dskAvail ::= { dskEntry 7 }
Cannot adopt OID in UCD-SNMP-MIB: dskTotal ::= { dskEntry 6 }
Cannot adopt OID in UCD-SNMP-MIB: dskMinPercent ::= { dskEntry 5 }
Cannot adopt OID in UCD-SNMP-MIB: dskMinimum ::= { dskEntry 4 }
Cannot adopt OID in UCD-SNMP-MIB: dskDevice ::= { dskEntry 3 }
Cannot adopt OID in UCD-SNMP-MIB: dskPath ::= { dskEntry 2 }
Cannot adopt OID in UCD-SNMP-MIB: dskIndex ::= { dskEntry 1 }
Cannot adopt OID in UCD-DISKIO-MIB: diskIOTable ::= { ucdDiskIOMIB 1 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLoggingGroup ::= { nsConfigGroups 2 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsDebugGroup ::= { nsConfigGroups 1 }
Cannot adopt OID in UCD-SNMP-MIB: snmperrErrMessage ::= { snmperrs 101 }
Cannot adopt OID in UCD-SNMP-MIB: snmperrErrorFlag ::= { snmperrs 100 }
Cannot adopt OID in UCD-SNMP-MIB: snmperrNames ::= { snmperrs 2 }
Cannot adopt OID in UCD-SNMP-MIB: snmperrIndex ::= { snmperrs 1 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsTransactionTable ::= { nsTransactions 1 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogStatus ::= { nsLoggingEntry 5 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogMaxLevel ::= { nsLoggingEntry 4 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogType ::= { nsLoggingEntry 3 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogToken ::= { nsLoggingEntry 2 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsLogLevel ::= { nsLoggingEntry 1 }
Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendResult ::= { nsExtendOutput1Entry 4 }
Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutNumLines ::= { nsExtendOutput1Entry 3 }
Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutputFull ::= { nsExtendOutput1Entry 2 }
Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutput1Line ::= { nsExtendOutput1Entry 1 }
Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendOutLine ::= { nsExtendOutput2Entry 2 }
Cannot adopt OID in NET-SNMP-EXTEND-MIB: nsExtendLineIndex ::= { nsExtendOutput2Entry 1 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyStart ::= { netSnmpNotifications 1 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyShutdown ::= { netSnmpNotifications 2 }
Cannot adopt OID in NET-SNMP-AGENT-MIB: nsNotifyRestart ::= { netSnmpNotifications 3 }
Cannot adopt OID in UCD-SNMP-MIB: laErrMessage ::= { laEntry 101 }
Cannot adopt OID in UCD-SNMP-MIB: laErrorFlag ::= { laEntry 100 }
Cannot adopt OID in UCD-SNMP-MIB: laLoadFloat ::= { laEntry 6 }
Cannot adopt OID in UCD-SNMP-MIB: laLoadInt ::= { laEntry 5 }
Cannot adopt OID in UCD-SNMP-MIB: laConfig ::= { laEntry 4 }
Cannot adopt OID in UCD-SNMP-MIB: laLoad ::= { laEntry 3 }
Cannot adopt OID in UCD-SNMP-MIB: laNames ::= { laEntry 2 }
Cannot adopt OID in UCD-SNMP-MIB: laIndex ::= { laEntry 1 }
PHP 7.0.28-0ubuntu0.16.04.1 Development Server started at Thu Mar 29 15:31:22 2018
Listening on http://0.0.0.0:80
Document root is /root
Press Ctrl-C to quit.
[Thu Mar 29 15:32:11 2018] 192.168.0.1:45262 Invalid request (Malformed HTTP request)
[Thu Mar 29 15:32:32 2018] 192.168.0.1:45264 [200]: /index.html
[Thu Mar 29 22:27:55 2018] 192.168.0.2:45482 Invalid request (Malformed HTTP request)
[Thu Mar 29 22:27:58 2018] 192.168.0.2:45484 Invalid request (Malformed HTTP request)
[Thu Mar 29 22:28:22 2018] 192.168.0.2:45486 Invalid request (Malformed HTTP request)
[Thu Mar 29 22:28:37 2018] 192.168.0.2:45488 [200]: /index.html
[Thu Mar 29 22:29:06 2018] 192.168.0.2:45490 [200]: /index.html
[Thu Mar 29 22:29:11 2018] 192.168.0.2:45492 [200]: /index.html
[Thu Mar 29 22:29:42 2018] 192.168.2.1:48932 [200]: /index.html
[Thu Mar 29 22:29:44 2018] 192.168.2.1:48934 [200]: /index.html
[Thu Mar 29 22:35:38 2018] 192.168.0.2:45502 Invalid request (Malformed HTTP request)
[Thu Mar 29 22:35:41 2018] 192.168.0.1:45282 Invalid request (Malformed HTTP request)
[Thu Mar 29 22:35:55 2018] 192.168.2.1:48942 [200]: /
[Thu Mar 29 22:37:50 2018] 192.168.2.1:48948 [200]: /
[Thu Mar 29 22:43:02 2018] 192.168.0.1:45296 [200]: /
[Thu Mar 29 22:43:07 2018] 192.168.0.2:45514 [200]: /
[Thu Mar 29 22:43:51 2018] 192.168.2.1:48954 [200]: /
[Thu Mar 29 22:48:58 2018] 192.168.0.1:45302 [200]: /
[Thu Mar 29 22:51:31 2018] 192.168.2.1:48960 [200]: /
[Thu Mar 29 22:56:35 2018] 192.168.2.1:48966 [200]: /
[Thu Mar 29 22:56:36 2018] 192.168.0.1:45308 [200]: /
[Thu Mar 29 22:56:36 2018] 192.168.0.2:45526 [200]: /
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /index.html

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.

PHP: Built-in web server - Manual 

ping 192.168.4.1 -c4

cat <<EOF | telnet 192.168.4.1 80
GET /index.html

EOF
access-list 100 permit tcp 192.168.0.0 0.0.0.255 192.168.4.1 0.0.0.0 eq 80
access-list 100 permit tcp 192.168.0.0 0.0.0.255 192.168.4.1 0.0.0.0 eq www
int gig0/2
ip access-group 100 in
exit
R1(config)#$ 100 permit tcp 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.0 eq www
R1(config)#$ 100 permit tcp 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.0 eq 80
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
fawsdfa
Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.


asdf
Connection closed by foreign host.
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
R1(config)#int gig0/2
R1(config-if)#ip acc
R1(config-if)#ip acce
R1(config-if)#ip access-group 100 in
R1(config-if)#exit
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
telnet: Unable to connect to remote host: No route to host
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
telnet: Unable to connect to remote host: No route to host
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
R1(config)#$ 100 permit tcp 192.168.0.0 0.0.0.255 192.168.4.1 0.0.0.0 eq 80
R1(config)#do sh run | i access-list
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.0.0 eq www
access-list 100 permit tcp 192.168.0.0 0.0.0.255 host 192.168.4.1 eq www
R1(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.0.254 255.255.255.0
 ip access-group 100 in
 duplex auto
 speed auto
 media-type rj45
end
ping 192.168.4.1 -c4
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
From 192.168.0.254 icmp_seq=1 Packet filtered
From 192.168.0.254 icmp_seq=2 Packet filtered
From 192.168.0.254 icmp_seq=3 Packet filtered
From 192.168.0.254 icmp_seq=4 Packet filtered

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3004ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
From 192.168.0.254 icmp_seq=1 Packet filtered
From 192.168.0.254 icmp_seq=2 Packet filtered
From 192.168.0.254 icmp_seq=3 Packet filtered
From 192.168.0.254 icmp_seq=4 Packet filtered

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3004ms
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=62 time=5.62 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=62 time=7.07 ms
64 bytes from 192.168.4.1: icmp_seq=3 ttl=62 time=9.38 ms
64 bytes from 192.168.4.1: icmp_seq=4 ttl=62 time=4.60 ms

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 4.604/6.671/9.385/1.795 ms

verify major protocol name. 

access-list 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255  eq www log-input
R1(config)#no acc
R1(config)#no access-list 10
R1(config)#no access-list 100
R1(config)#no access-list 100
R1(config)#access
R1(config)#access-list 100
R1(config)#access-list 100 permi
R1(config)#access-list 100 permit
R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 ac
R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 www
R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq ww
R1(config)#$ 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log
R1(config)#$t tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log-
R1(config)#$t tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log-input
R1(config)#do sh run | i access-list
access-list 100 permit tcp host 192.168.0.1 192.168.4.0 0.0.0.255 eq www log-input
R1(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.0.254 255.255.255.0
 ip access-group 100 in
 duplex auto
 speed auto
 media-type rj45
end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
From 192.168.0.254 icmp_seq=1 Packet filtered
From 192.168.0.254 icmp_seq=2 Packet filtered
From 192.168.0.254 icmp_seq=3 Packet filtered
From 192.168.0.254 icmp_seq=4 Packet filtered

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3003ms
R1(config)#
*Mar 29 22:48:18.186: %SEC-6-IPACCESSLOGP: list 100 permitted tcp 192.168.0.1(45302) (GigabitEthernet0/2 3673.f233.0c62) -> 192.168.4.1(80), 1 packet
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
telnet: Unable to connect to remote host: No route to host
root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
From 192.168.0.254 icmp_seq=1 Packet filtered
From 192.168.0.254 icmp_seq=2 Packet filtered
From 192.168.0.254 icmp_seq=3 Packet filtered
From 192.168.0.254 icmp_seq=4 Packet filtered

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3003ms
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=62 time=4.29 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=62 time=5.08 ms
64 bytes from 192.168.4.1: icmp_seq=3 ttl=62 time=4.37 ms
64 bytes from 192.168.4.1: icmp_seq=4 ttl=62 time=11.1 ms

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 4.296/6.227/11.154/2.861 ms

remove access list 

R1(config)#no access-list 100
R1(config)#do sh run | i access-list
R1(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.0.254 255.255.255.0
 ip access-group 100 in
 duplex auto
 speed auto
 media-type rj45
end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-1:~#  ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=8.00 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=5.86 ms
64 bytes from 192.168.4.1: icmp_seq=3 ttl=61 time=11.7 ms
64 bytes from 192.168.4.1: icmp_seq=4 ttl=61 time=8.13 ms

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 5.862/8.440/11.755/2.117 ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~#  ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.96 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=9.40 ms
64 bytes from 192.168.4.1: icmp_seq=3 ttl=61 time=8.20 ms
64 bytes from 192.168.4.1: icmp_seq=4 ttl=61 time=10.3 ms

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 6.961/8.728/10.348/1.277 ms
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-4:~#  ping 192.168.4.1 -c4
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=62 time=7.93 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=62 time=5.58 ms
64 bytes from 192.168.4.1: icmp_seq=3 ttl=62 time=6.26 ms
64 bytes from 192.168.4.1: icmp_seq=4 ttl=62 time=6.05 ms

--- 192.168.4.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 5.588/6.460/7.932/0.884 ms
access-list 101 deny ip host 192.168.0.1 host 192.168.4.1 log
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
int gig0/2
ip access-group 101 in
exit
R1(config)#access-list 101 deny ip host 192.168.0.1 host 192.168.4.1 log
R1(config)#access-list 101 permit ip 192.168.0.0 0.0.0.255 any
R1(config)#int gig0/2
R1(config-if)#ip acc
R1(config-if)#ip acce
R1(config-if)#ip access-group 101 in
R1(config-if)#exit
ping 192.168.4.1 -c2

ping 192.168.0.2 -c2

ping 192.168.0.3 -c2

ping 192.168.2.1 -c2
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
From 192.168.0.254 icmp_seq=1 Packet filtered
From 192.168.0.254 icmp_seq=2 Packet filtered

--- 192.168.4.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1001ms
R1(config)#
*Mar 29 23:39:53.477: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.0.1 -> 192.168.4.1 (0/0), 1 packet

R1(config)#^Z
R1#sh ip
R1#sh ip
*Mar 29 23:40:22.830: %SYS-5-CONFIG_I: Configured from console by console
R1#sh ip ac
R1#sh ip acce
R1#sh ip access-lists 101
R1#sh ip access-lists 101
Extended IP access list 101
    10 deny ip host 192.168.0.1 host 192.168.4.1 log (2 matches)
    20 permit ip 192.168.0.0 0.0.0.255 any
root@Python,Go,Perl,PHP-1:~# ping 192.168.0.2 -c2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.377 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.166 ms

--- 192.168.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.166/0.271/0.377/0.106 ms
root@Python,Go,Perl,PHP-1:~# ping 192.168.0.3 -c2
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.702 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.355 ms

--- 192.168.0.3 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.355/0.528/0.702/0.175 ms
root@Python,Go,Perl,PHP-1:~# ping 192.168.2.1 -c2
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_seq=1 ttl=62 time=7.63 ms
64 bytes from 192.168.2.1: icmp_seq=2 ttl=62 time=5.40 ms

--- 192.168.2.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 5.407/6.519/7.632/1.115 ms
R1(config)#no access-list 101
access-list 102 deny tcp host 192.168.0.1 host 192.168.4.1 eq www
access-list 102 permit ip any any
R1(config)#access-list 102 deny tcp host 192.168.0.1 host 192.168.4.1 eq www
R1(config)#access-list 102 permit ip any any
telnet 192.168.4.1 80
GET /

ping 192.168.4.1 -c1


ping 192.168.2.1 -c1


ping 192.168.0.3 -c1
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.

something went wrong. 

R1(config)#do sh run | i access-list
access-list 102 deny   tcp host 192.168.0.1 host 192.168.4.1 eq www
access-list 102 permit ip any any
R1(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.0.254 255.255.255.0
 ip access-group 101 in
 duplex auto
 speed auto
 media-type rj45
end

access-group number invalid. 

R1(config)#int gig0/2
R1(config-if)#ip acc
R1(config-if)#ip acce
R1(config-if)#ip access-group 102
% Incomplete command.

R1(config-if)#ip access-group 102 in
R1(config-if)#exit



R1(config)#do sh run | i access-list
access-list 102 deny   tcp host 192.168.0.1 host 192.168.4.1 eq www
access-list 102 permit ip any any
R1(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.0.254 255.255.255.0
 ip access-group 102 in
 duplex auto
 speed auto
 media-type rj45
end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
telnet: Unable to connect to remote host: No route to host
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c1
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=8.31 ms

--- 192.168.4.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 8.310/8.310/8.310/0.000 ms
root@Python,Go,Perl,PHP-1:~# ping 192.168.2.1 -c1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_seq=1 ttl=62 time=5.71 ms

--- 192.168.2.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 5.719/5.719/5.719/0.000 ms
root@Python,Go,Perl,PHP-1:~# ping 192.168.0.3 -c1
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.408 ms

--- 192.168.0.3 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.408/0.408/0.408/0.000 ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c1
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.22 ms

--- 192.168.4.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 6.223/6.223/6.223/0.000 ms
root@Python,Go,Perl,PHP-2:~# ping 192.168.2.1 -c1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_seq=1 ttl=62 time=5.97 ms

--- 192.168.2.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 5.977/5.977/5.977/0.000 ms
root@Python,Go,Perl,PHP-2:~# ping 192.168.0.3 -c1
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.645 ms

--- 192.168.0.3 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.645/0.645/0.645/0.000 ms
access-list 199 permit tcp host 192.168.4.1 eq 80 192.168.0.0 0.0.0.255 log
int gig0/2
ip access-group 102 in
exit
R2(config)#$t tcp host 192.168.4.1 eq 80 192.168.0.0 0.0.0.255 log
R2(config)#int gig0/2
R2(config-if)#ip acc
R2(config-if)#ip acce
R2(config-if)#ip access-group 102 in
R2(config-if)#exit
R2(config)#do sh run | i access-list
access-list 199 permit tcp host 192.168.4.1 eq www 192.168.0.0 0.0.0.255 log
R2(config)#do sh run int gig/02
                            ^
% Invalid input detected at '^' marker.

R2(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.4.254 255.255.255.0
 ip access-group 102 in
 duplex auto
 speed auto
 media-type rj45
end
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.


root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.34 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=7.70 ms

--- 192.168.4.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 6.348/7.026/7.705/0.683 ms

no logging, ping success, something went wrong.

invalid acl number…. too 

interface GigabitEthernet0/2
 ip access-group 102 in
R2(config)#int gig0/2
R2(config-if)#ip acc
R2(config-if)#ip acce
R2(config-if)#ip access-group 199 in
R2(config-if)#exit
R2(config)#do sh run int gig0/2
Building configuration...

Current configuration : 142 bytes
!
interface GigabitEthernet0/2
 ip address 192.168.4.254 255.255.255.0
 ip access-group 199 in
 duplex auto
 speed auto
 media-type rj45
end
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=61 time=6.34 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=61 time=7.70 ms

--- 192.168.4.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 6.348/7.026/7.705/0.683 ms
root@Python,Go,Perl,PHP-1:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-1:~# ping 192.168.4.1 -c2
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.

--- 192.168.4.1 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1007ms
root@Python,Go,Perl,PHP-2:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
Connected to 192.168.4.1.
Escape character is '^]'.
GET /

HTTP/0.9 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6

hello
Connection closed by foreign host.
root@Python,Go,Perl,PHP-2:~# ping 192.168.4.1 -c2
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.

--- 192.168.4.1 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1008ms
R2(config)#
*Mar 30 00:13:20.888: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.168.4.1(80) -> 192.168.0.1(45326), 1 packet
R2(config)#
*Mar 30 00:14:07.993: %SEC-6-IPACCESSLOGP: list 199 permitted tcp 192.168.4.1(80) -> 192.168.0.2(45544), 1 packet
ping 192.168.4.1 -c2

ping 192.168.0.1 -c2
root@Python,Go,Perl,PHP-4:~# telnet 192.168.4.1 80
Trying 192.168.4.1...
telnet: Unable to connect to remote host: Connection timed out
root@Python,Go,Perl,PHP-4:~# ping 192.168.4.1 -c2
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.

--- 192.168.4.1 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1009ms



root@Python,Go,Perl,PHP-4:~# ping 192.168.0.1 -c2
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=62 time=5.59 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=62 time=6.86 ms

--- 192.168.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 5.594/6.231/6.869/0.642 ms

References

  1. ACL - 拡張ACL
tech/network/extended-acl/extended-acl.txt · Last modified: 2018/04/02 02:51 by 5.9.98.130

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki