what does "eq" in ACLs mean?
mguy
Member Posts: 167 ■■■□□□□□□□
in CCNA & CCENT
Say I want to block telnet traffic from a host
access-list 101 deny tcp host 192.168.1.1 eq telnet
or www
access-list 101 deny tcp host 192.168.1.1 eq www
Also, why don't we use this syntax for ICMP pings? In other words, why do I use:
access-list 101 deny icmp host 192.168.1.1
instead of
access-list 101 deny tcp 192.168.1.1 eq ping
Comments
drkat Banned Posts: 703
Ping isn't a TCP service, so we don't use 'eq'. eq == equals. We use 'eq' to specify a port or range of ports, whether it be UDP/TCP, but ICMP doesn't, so... we can't use eq and we must use permit icmp.
Please refer to '?' when doing your ACL; it gives a pretty decent explanation.
mochaaddict Member Posts: 42 ■■□□□□□□□□
I'm pretty sure that in Cisco land eq means "equal" and neq means "not equal".
ICMP is its own protocol with its own parameters: source quench, echo reply, etc.
docrice Member Posts: 1,706 ■■■■■■■■■■
As others mentioned, it refers to being "equal to." It applies to ACL statements involving layer 4 protocols (TCP and UDP).
ICMP is layer 3 (or 3.5) and there is no concept of a port involved. ICMP has types and codes. For example, when doing a "ping" the sender transmits an ICMP type 8 code 0 (known as an echo request) while the response back from the remote target is an ICMP type 0 code 0 (an echo reply). You'd specify this in an ACL like:
access-list 101 permit icmp host 10.1.1.2 host 10.2.2.3 echo
access-list 102 permit icmp host 10.2.2.3 host 10.1.1.2 echo-reply
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
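The rule the answers above describe, as an added worked example that is not code from this thread or from Cisco: a small Python matcher for extended ACL entries in which 'eq' is only accepted after a TCP/UDP address and resolves to a port number, while an ICMP entry takes a type/code keyword ('echo' = type 8, 'echo-reply' = type 0) or a numeric type and code. It assumes a subset of the IOS port and ICMP keywords (the two lookup tables), contiguous wildcard masks only, no neq/gt/lt/range, and the implicit deny at the end of every ACL; the ACL and packets at the bottom are constructed for the demo, modelled on the lines posted in this thread.

```python
"""Added example: minimal Cisco-style extended ACL parser and matcher.
Shows why 'eq ping' is rejected (ping is not a port) and how ICMP is matched
by type/code instead. Keyword tables are an assumed subset of IOS's."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed subset of the port keywords IOS accepts after 'eq'.
PORT_NAMES = {"ftp": 21, "ssh": 22, "telnet": 23, "smtp": 25, "domain": 53, "www": 80}
# Assumed subset of IOS ICMP keywords -> (type, code); code None = any code.
ICMP_KEYWORDS = {"echo": (8, 0), "echo-reply": (0, 0), "unreachable": (3, None),
                 "source-quench": (4, 0), "ttl-exceeded": (11, 0)}
TRANSPORT = ("tcp", "udp")


@dataclass
class Packet:
    proto: str                  # "tcp", "udp" or "icmp"
    src: str
    dst: str
    sport: int = 0
    dport: int = 0
    icmp_type: int = -1
    icmp_code: int = -1


@dataclass
class Entry:
    action: str                 # "permit" or "deny"
    proto: str                  # "ip", "tcp", "udp" or "icmp"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    sport: Optional[int] = None
    dport: Optional[int] = None
    icmp_type: Optional[int] = None
    icmp_code: Optional[int] = None


def _addr(t: List[str], i: int) -> Tuple[ipaddress.IPv4Network, int]:
    """Consume 'any' | 'host A.B.C.D' | 'A.B.C.D WILDCARD' starting at t[i]."""
    need = 1 if i < len(t) and t[i] == "any" else 2
    if i + need > len(t):
        raise ValueError("incomplete command: address expected")
    if t[i] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    if t[i] == "host":
        return ipaddress.ip_network(t[i + 1] + "/32"), i + 2
    # Cisco wildcard: 0 bits must match, 1 bits are ignored; invert to a netmask.
    netmask = str(ipaddress.ip_address(0xFFFFFFFF ^ int(ipaddress.ip_address(t[i + 1]))))
    return ipaddress.ip_network((t[i], netmask), strict=False), i + 2


def _port(tok: str) -> int:
    if tok in PORT_NAMES:
        return PORT_NAMES[tok]
    if tok.isdigit():
        return int(tok)
    raise ValueError(f"{tok!r} is not a TCP/UDP port name or number")


def parse_entry(line: str) -> Entry:
    t = line.split()
    if len(t) < 5 or t[0] != "access-list" or t[2] not in ("permit", "deny"):
        raise ValueError(f"not an extended ACL entry: {line!r}")
    action, proto = t[2], t[3]
    if proto not in TRANSPORT + ("icmp", "ip"):
        raise ValueError(f"unsupported protocol {proto!r}")
    src, i = _addr(t, 4)
    sport = None
    if proto in TRANSPORT and i < len(t) and t[i] == "eq":   # 'eq' after the source = source port
        if i + 1 >= len(t):
            raise ValueError("incomplete command: port expected")
        sport, i = _port(t[i + 1]), i + 2
    dst, i = _addr(t, i)
    e = Entry(action, proto, src, dst, sport=sport)
    rest = t[i:]
    if not rest:
        return e
    if rest[0] == "eq":                       # 'eq' after the destination = destination port
        if proto not in TRANSPORT:
            raise ValueError(f"'eq' selects a port, and {proto} has no ports")
        if len(rest) < 2:
            raise ValueError("incomplete command: port expected")
        e.dport = _port(rest[1])
    elif proto == "icmp":                     # keyword or numeric 'type [code]'
        if rest[0] in ICMP_KEYWORDS:
            e.icmp_type, e.icmp_code = ICMP_KEYWORDS[rest[0]]
        elif rest[0].isdigit():
            e.icmp_type = int(rest[0])
            e.icmp_code = int(rest[1]) if len(rest) > 1 and rest[1].isdigit() else None
        else:
            raise ValueError(f"unknown ICMP keyword {rest[0]!r}")
    else:
        raise ValueError(f"unexpected token {rest[0]!r}")
    return e


def matches(e: Entry, p: Packet) -> bool:
    if e.proto != "ip" and e.proto != p.proto:
        return False
    if ipaddress.ip_address(p.src) not in e.src or ipaddress.ip_address(p.dst) not in e.dst:
        return False
    if e.sport is not None and p.sport != e.sport:
        return False
    if e.dport is not None and p.dport != e.dport:
        return False
    if e.icmp_type is not None and p.icmp_type != e.icmp_type:
        return False
    return e.icmp_code is None or p.icmp_code == e.icmp_code


def evaluate(acl: List[str], p: Packet) -> str:
    """First matching entry wins; the implicit 'deny ip any any' ends every ACL."""
    for line in acl:
        if matches(parse_entry(line), p):
            return parse_entry(line).action
    return "deny"


def lint(line: str) -> Optional[str]:
    """None if the entry parses, otherwise the parser's complaint."""
    try:
        parse_entry(line)
        return None
    except ValueError as exc:
        return str(exc)


# Constructed ACL modelled on the thread's lines (not a real device config).
ACL_101 = [
    "access-list 101 deny tcp host 192.168.1.1 any eq telnet",
    "access-list 101 deny tcp host 192.168.1.1 any eq www",
    "access-list 101 permit icmp host 192.168.1.1 any echo",
    "access-list 101 permit tcp any any",
]

if __name__ == "__main__":
    for pkt in (Packet("tcp", "192.168.1.1", "10.0.0.5", 40000, 23),
                Packet("icmp", "192.168.1.1", "10.0.0.5", icmp_type=8, icmp_code=0),
                Packet("icmp", "192.168.1.1", "10.0.0.5", icmp_type=0, icmp_code=0)):
        print(pkt, "->", evaluate(ACL_101, pkt))
    print(lint("access-list 101 deny tcp host 192.168.1.1 any eq ping"))
    print(lint("access-list 101 deny icmp host 192.168.1.1 any eq echo"))
```

Note that the parser also rejects the shorter form in the original question (no destination after the source host): like IOS, an extended entry needs both a source and a destination before any port or ICMP qualifier, and an echo-reply from the same host is dropped by the implicit deny because the ACL only permits type 8.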