|
|
[cisco-ttl] ip access-list counter'lari
From: Enis Karaarslan <enis.karaarslan_at_....>
Date: Sun Nov 12 2006 - 17:43:28 EET
6500'lerde sup720 taktiktan sonra
Örneğin aşağıdaki acl'de www trafiği olmasına rağmen counter artmıyor. Tabii ki sonuna log yazarsam counter artıyor ama eskiden böyle birşeye gerek kalmıyordu. Bu konuda yorumlarınızı rica ediyorum. Extended IP access list Vlan70_icerden 10 permit ip any host 255.255.255.255 (142 matches)
20 permit tcp 10.1.5.0 0.0.0.255 any eq 84
30 permit udp 10.1.5.0 0.0.0.255 any eq domain
40 permit udp 10.1.5.0 0.0.0.255 any eq bootpc
50 permit udp 10.1.5.0 0.0.0.255 host 155.223.2.22
60 permit tcp 10.1.5.0 0.0.0.255 any eq telnet
70 permit tcp 10.1.5.0 0.0.0.255 any eq 22
80 permit tcp 10.1.5.0 0.0.0.255 any range 1000 2000
90 permit tcp 10.1.5.0 0.0.0.255 any eq ftp
100 permit tcp 10.1.5.0 0.0.0.255 any eq www
110 permit tcp 10.1.5.0 0.0.0.255 any eq 81
120 permit tcp 10.1.5.0 0.0.0.255 any eq 443
130 permit tcp 10.1.5.0 0.0.0.255 any eq 443 established
140 permit tcp 10.1.5.0 0.0.0.255 any eq domain
150 permit tcp 10.1.5.0 0.0.0.255 any eq telnet established
160 permit tcp 10.1.5.0 0.0.0.255 any eq ftp established
170 permit tcp 10.1.5.0 0.0.0.255 any eq ftp-data
180 permit tcp 10.1.5.0 0.0.0.255 any eq www established
190 permit tcp 10.1.5.0 0.0.0.255 any eq 8080
210 permit tcp 10.1.5.0 0.0.0.255 any eq 3306
220 permit tcp 10.1.5.0 0.0.0.255 any eq 3306 established
250 deny icmp any any fragments
260 permit icmp any any packet-too-big 270 permit icmp any any time-exceeded 280 permit icmp any any echo-reply 290 permit icmp any any echo (26 matches) 300 deny icmp any any (2 matches) 310 deny ip any any log (93571 matches) saygilarimla, -- Ege Üniversitesi Kampüs Network YöneticisiReceived on Mon Nov 13 21:59:34 2006 This archive was generated by hypermail 2.1.8 : Mon Nov 13 2006 - 21:59:35 EET |