- Posts: 20
- Thank you received: 0
Access List
20 years 8 months ago #3441
by nubs
Access List was created by nubs
Need some quick help.
I need to block off certain range of ips...say 10.0.5.36-.254
Is there a easy way to do this?
I need to block off certain range of ips...say 10.0.5.36-.254
Is there a easy way to do this?
20 years 8 months ago #3442
by Jack
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
Replied by Jack on topic Re: Access List
With lack of meat to your question all I can say is use a firewall but that would be silly to say that because you’re in the Firewall forum so you knew enough to know what a firewall is and can do.
All I can suggest at this time is refer to the picture below and good luck.
All I can suggest at this time is refer to the picture below and good luck.
Jack Burgess,
Firewall.cx Staff
News Editor / Forum Moderator
www.jacksjunk.com
20 years 8 months ago #3446
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Access List
Hmmm ... somehow I dont think that particular access-list will work for nubs .. unless of course you know something we don't!
Nubs, mind giving us a bit more information? What o/s or device are we talking about ?
Cheers,
Nubs, mind giving us a bit more information? What o/s or device are we talking about ?
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
20 years 8 months ago #3449
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Access List
I figure he's talking cisco.. but I really dont have the energy to work out the wildcard mask for the range he's talking about.. anyone care to do the binary math (or share a simpler method with me ?)
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 8 months ago #3453
by nubs
Replied by nubs on topic Re: Access List
sorry bout that, I had a few seconds to write this up
Yea, Sahir is right, access lists on the router....binaries would be good
Yea, Sahir is right, access lists on the router....binaries would be good
20 years 8 months ago #3454
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Access List
Briefly..
the access list mask you use is the binary opposite of the s/n mask you would use.. ie
255.255.255.0 = 11111111.11111111.11111111.00000000
so the a/l mask = 00000000.00000000.00000000.11111111
= 0.0.0.255
if the s/n mask is 255.255.255.240 = 11111111.11111111.11111111.11110000
a/l mask
00000000.00000000.00000000.00001111 (convert zero to one)
therefore 0.0.0.15
simple ?
the access list mask you use is the binary opposite of the s/n mask you would use.. ie
255.255.255.0 = 11111111.11111111.11111111.00000000
so the a/l mask = 00000000.00000000.00000000.11111111
= 0.0.0.255
if the s/n mask is 255.255.255.240 = 11111111.11111111.11111111.11110000
a/l mask
00000000.00000000.00000000.00001111 (convert zero to one)
therefore 0.0.0.15
simple ?
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.134 seconds