Helper questions:
1. Source address?
2. Source port?
3. Destination address?
4. Destination port?
5. Permit or Deny?
tcp = {http, telnet, ...}
udp = {dhcp, dns, ...}
icmp = {ping. tracerpoute, ... }
ip = {tcp, udp, icmp}= {http, telnet, dhcp, dns, ping, traceroute, ... }
Contoh:
Blok koneksi dari host dari network 192.168.1.0/24 ke host 192.168.2.0/24
Source address: 192.168.1.0/24
Source port: Gak secara explisit dirincikan jadi kemungkinan any
Destination address? 192.168.2.0/24
Destination port? Sama, tidak dirincikan, jadi any port
Permit? Disuruh blok berarti deny
Ramu:
ip access-list 101 deny 192.168.1.0 0.0.0.255
1. Source address?
2. Source port?
3. Destination address?
4. Destination port?
5. Permit or Deny?
tcp = {http, telnet, ...}
udp = {dhcp, dns, ...}
icmp = {ping. tracerpoute, ... }
ip = {tcp, udp, icmp}= {http, telnet, dhcp, dns, ping, traceroute, ... }
Contoh:
Blok koneksi dari host dari network 192.168.1.0/24 ke host 192.168.2.0/24
Source address: 192.168.1.0/24
Source port: Gak secara explisit dirincikan jadi kemungkinan any
Destination address? 192.168.2.0/24
Destination port? Sama, tidak dirincikan, jadi any port
Permit? Disuruh blok berarti deny
Ramu:
ip access-list 101 deny 192.168.1.0 0.0.0.255
No comments:
Post a Comment