ACL Syntax Question

I came across this ACL on my Job:
10 permit tcp any any neq telnet
Why they use that syntax instead of using the following:
10 permit deny any any eq telnet

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

peanutnoggin

amb1s1 wrote: »

I came across this ACL on my Job:
10 permit tcp any any neq telnet
Why they use that syntax instead of using the following:
10 permit deny any any eq telnet

10 permit tcp any any neq telnet

is a way to write a one line ACL to accomplish the denial of telnet and allowing of the rest of the TCP traffic to flow.

If they had used:

10 deny tcp any any eq telnet

they would have had to add
20 permit tcp any any

or no other traffic could've passed through the interface in which this ACL was applied.

Because the last line of an ACL is the hidden "deny any any".

HTH.

V/r

~Peanut

mikem2te

Is this the complete access list? Remember there is always an implicit deny all at the end of every access list which you do not see in the show runningconfig or any other show comand.

Therefore if the acl was-
"10 permit deny any any eq telnet"
As there is a hidden deny all at the end of the list no traffic will be allowed through.

If the adl was-
"10 permit tcp any any neq telnet"
All traffic not matching the rule (not telnet traffic)would be allowed. Telnet traffix would then be stopped by the hidden implicit deny.

ColbyG

Where's the rest?