Need some help differentiating between 2 access list rules
Hi, first post on this web site.
I am trying to understand some access list rules.
I have 2 rules in the same acl.
They read as:
permit tcp 39.112.123.128 0.0.0.15 eq www any
permit tcp 39.112.123.128 0.0.0.15 any eq www
I don't know how they are different.
Any help would be great.
Comments

networker050184 (Mod):
Do you know the basic layout of an ACL entry?
source address/protocol/port - destination address/protocol/port

An expert is a man who has made all the mistakes which can be made.
ram1101:
> Hi, first post on this web site.
> I am trying to understand some access list rules.
> I have 2 rules in the same acl.
> They read as:
> permit tcp 39.112.123.128 0.0.0.15 eq www any
> permit tcp 39.112.123.128 0.0.0.15 any eq www
> I don't know how they are different.
> Any help would be great.

OK, on the first ACL you are allowing tcp port 80 from source 39.112.123.128 0.0.0.15 to anything.
On the second one you are allowing tcp from ip 39.112.123.128 0.0.0.15 to port 80.
I_Batman:
Yes, I believe I understand this, but maybe I don't.
This is an extended access rule.
The way I am understanding the rules is:
1. The source address is the same in both rules: any address in the range of 39.112.123.129-143.
2. The destination address in both rules is "any".
3. In both rules the logical port in question is the www, hence the web.
4. In rule 1, any traffic emanating from the 39.112.123.128/16 network that is equivalent to www is allowed through.
5. But with the 2nd rule, I am getting confused. It seems to be saying any port from the source address is allowed out, to any IP address, but I don't understand how the last 2 words "eq www" in the 2nd rule are interpreted.
I_Batman:
> ok on the first ACL you are allowing tcp port 80 from source 39.112.123.128 0.0.0.15 to anything
> on the second one you are allowing tcp from ip 39.112.123.128 0.0.0.15 to port 80

I am sorry, I am lost.
In the 2nd rule, how do you allow traffic to a specific port, in this case port 80?
I don't understand the concept of allowing traffic to a logical port.
Kelkin:
The "eq www" means equals port 80, so basically you are saying in rule 2 to permit anything from any tcp port on network 39.112.123.128/16 to any network on port 80.
networker050184 (Mod):
> I am sorry, I am lost.
> In the 2nd rule, how do you allow traffic to a specific port, in this case port 80?
> I don't understand the concept of allowing traffic to a logical port.

There are source and destination ports in a traffic flow. The first restricts the source and the second restricts the destination ports.
ram1101:
> I am sorry, I am lost.
> In the 2nd rule, how do you allow traffic to a specific port, in this case port 80?
> I don't understand the concept of allowing traffic to a logical port.

By adding the "any eq www" you are pretty much saying to allow the source to the destination on any ip on port 80.
For example, if I have
permit ip host 1.1.1.1 host 2.2.2.2
I'm permitting host 1.1.1.1 to talk to host 2.2.2.2 using the IP protocol,
or if you do
permit tcp host 1.1.1.1 host 2.2.2.2 eq www
I'm permitting host 1.1.1.1 on any tcp port to talk to 2.2.2.2 only on port 80,
and if I do
permit tcp any host 2.2.2.2 eq www
I'm allowing any tcp connection from any ip to port 80 on host 2.2.2.2.
It is always source then destination.
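As an added example (not code from the thread or from any vendor), here is a small Python matcher that applies entries written like the two in the question to a single flow, so the difference becomes checkable: the first entry keys on the source port, the second on the destination port. It assumes only the subset of extended ACL syntax used in this thread (any, host, address plus wildcard, and the eq operator).

```python
import ipaddress

# Constructed example: matcher for entries of the form
#   permit tcp <src> <wildcard> [eq <port>] <dst> <wildcard> [eq <port>]
# Wildcard mask: 0 bits must match, 1 bits are ignored ('any' = 0.0.0.0 255.255.255.255).
PORT_NAMES = {"www": 80}

def _parse_addr(tokens, i):
    """Return (network, wildcard, next_index) as 32-bit ints for the address at tokens[i]."""
    if tokens[i] == "any":
        return 0, 0xFFFFFFFF, i + 1
    if tokens[i] == "host":
        return int(ipaddress.IPv4Address(tokens[i + 1])), 0, i + 2
    return (int(ipaddress.IPv4Address(tokens[i])),
            int(ipaddress.IPv4Address(tokens[i + 1])), i + 2)

def _parse_port(tokens, i):
    """Return (port or None, next_index); only the 'eq' operator is handled here."""
    if i < len(tokens) and tokens[i] == "eq":
        name = tokens[i + 1]
        return (int(name) if name.isdigit() else PORT_NAMES[name]), i + 2
    return None, i

def parse_ace(line):
    """Parse one entry into action, protocol, source/destination address and port fields."""
    t = line.split()
    src_net, src_wc, i = _parse_addr(t, 2)   # source comes first, then its optional port
    sport, i = _parse_port(t, i)
    dst_net, dst_wc, i = _parse_addr(t, i)   # then destination and its optional port
    dport, _ = _parse_port(t, i)
    return {"action": t[0], "proto": t[1], "src": (src_net, src_wc), "sport": sport,
            "dst": (dst_net, dst_wc), "dport": dport}

def _addr_matches(addr, net_wc):
    net, wc = net_wc
    care = ~wc & 0xFFFFFFFF          # the bits the entry actually compares
    return int(ipaddress.IPv4Address(addr)) & care == net & care

def ace_matches(ace, proto, src, sport, dst, dport):
    """True if the flow (proto, src:sport -> dst:dport) is matched by the entry."""
    return (ace["proto"] in (proto, "ip")
            and _addr_matches(src, ace["src"]) and _addr_matches(dst, ace["dst"])
            and ace["sport"] in (None, sport) and ace["dport"] in (None, dport))

# The two entries from the question: same source block, port check on opposite sides.
RULE1 = parse_ace("permit tcp 39.112.123.128 0.0.0.15 eq www any")
RULE2 = parse_ace("permit tcp 39.112.123.128 0.0.0.15 any eq www")
```

A client in the block browsing a web server (ephemeral source port, destination port 80) is matched by RULE2 only; a web server in the block replying to a client (source port 80) is matched by RULE1 only.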
I_Batman:
Thanks for the help, all.
This info does indeed help sort out my confusion.