Firewall Wizards mailing list archives
RE: Cisco acls
From: "Luke Butcher" <Luke.Butcher () alphawest com au>
Date: Tue, 15 Mar 2005 09:02:33 +1100
Not sure about a lint checker and router ACLs unfortunately don't show a hit count like PIX ones. So the only option is probably to add a log keyword to your permit statements and then watch the logs to see if the statements are being hit. As for older ones it maybe a bit late for existing ones, but there is a remark keyword in modern IOS(s?) which makes it very handy for remembering why a certain line was there. Regards, Luke Butcher Network/Security Consultant -----Original Message----- From: Mark Teicher [mailto:mht3 () earthlink net] Sent: Tuesday, 8 March 2005 11:06 PM To: Bruce Smith Cc: 'Eric Appelboom'; firewall-wizards () honor icsalabs com Subject: RE: [fw-wiz] Cisco acls Has anyone seen or heard of a Cisco ACL lint checker to validate whether a certain acl is being utilized or at all. What about old acls that have been around for a while, and no one understands why they were inserted in the first place. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Cisco acls, (continued)
- RE: Cisco acls Behm, Jeffrey L. (Mar 04)
- RE: Cisco acls Matthew.Harvey () usdoj gov (Mar 04)
- RE: Cisco acls Paul Melson (Mar 04)
- Re: Cisco acls Luca Berra (Mar 07)
- RE: Cisco acls Luke Butcher (Mar 06)
- RE: Cisco acls Luke Butcher (Mar 07)
- RE: Cisco acls Andrew Yourtchenko (Mar 12)
- RE: Cisco acls MHawkins (Mar 07)
- RE: Cisco acls Scott Stursa (Mar 12)
- Re: Cisco acls Mark Teicher (Mar 24)
- RE: Cisco acls Luke Butcher (Mar 24)
- RE: Cisco acls Scott Stursa (Mar 24)
- Fwd: Re: Cisco acls Mark Teicher (Mar 24)
- RE: Cisco acls Luke Butcher (Mar 30)
- RE: Cisco acls MHawkins (Mar 31)