Firewall Wizards mailing list archives

Re: internal numbers visible when browsing


From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Mon, 2 Oct 2000 12:28:39 -0400

On Tue, Sep 26, 2000 at 11:50:35AM -0400, S. Jonah Pressman wrote:
...
Cisco Example (note the Cisco Wildcard for /24):

# config t
(config)# ip access-list extended 101
(config-ext-nacl)# access-list 101 deny ip 172.16.1.0 0.0.0.255 any log
(config-ext-nacl)# access-list 101 deny ip 172.16.2.0 0.0.0.255 any log
(config-ext-nacl)# access-list 101 deny ip 172.16.3.0 0.0.0.255 any log
(config-ext-nacl)# <...and so on with your rules>

Or, just:
        access-list 101 deny ip 172.16.0.0      0.15.255.255 any log
Similarly:
        access-list 101 deny ip 10.0.0.0        0.255.255.255 any log
        access-list 101 deny ip 192.168.0.0     0.0.255.255 any log
to get all of the RFC 1918 addresses.

-- 
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO/OSIS Computer Support                                     EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
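
Added example (not part of the original message or the list archive): a short Python check of the wildcard arithmetic in the reply above. It derives each Cisco wildcard from the CIDR prefix and tests constructed sample addresses against the resulting entries. The function names and sample addresses are assumptions made for illustration. ACL number 101 is taken from the message.

```python
import ipaddress

# The three RFC 1918 blocks the message covers.
RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

def acl_line(cidr, acl=101):
    """Render one deny entry; the Cisco wildcard is the inverted netmask."""
    net = ipaddress.ip_network(cidr)
    return f"access-list {acl} deny ip {net.network_address} {net.hostmask} any log"

def wildcard_match(addr, base, wildcard):
    """Cisco semantics: wildcard bits set to 1 are ignored, 0 bits must equal base."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

def parse_entry(line):
    """Extract (base, wildcard) from 'access-list N deny ip BASE WILD any log'."""
    fields = line.split()
    return fields[4], fields[5]

def denied(addr, lines):
    """True if any source entry in the list matches addr."""
    return any(wildcard_match(addr, *parse_entry(line)) for line in lines)

ACL = [acl_line(cidr) for cidr in RFC1918]

if __name__ == "__main__":
    for line in ACL:
        print(line)
    # Constructed sample source addresses, including both edges of 172.16.0.0/12.
    for sample in ("172.16.3.77", "172.31.255.255", "172.32.0.1",
                   "172.15.255.255", "10.200.1.1", "192.168.44.9",
                   "192.169.0.1", "198.51.100.7"):
        print(f"{sample:16} {'deny' if denied(sample, ACL) else 'no match'}")
```

The single 0.15.255.255 entry matches every address the three per-/24 entries match, and it stops exactly at 172.31.255.255.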

