Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
This book is about network policies and how to implement those policies using Cisco IOS access lists. I present a way to think about access lists and network policy, describe how access lists are built, and give examples of how to apply those access lists in different situations. Along the way, there are a number of sidebars and notes about concepts and information important to using access lists, and at the end of the book, there are appendixes with useful reference material. | Cisco IOS Access Lists Jeff Sedayao Publisher O Reilly First Edition June 2001 ISBN 1-56592-385-5 272 pages This book focuses on a critical aspect of the Cisco IOS--access lists which are central to securing routers and networks. Administrators cannot implement access control or traffic routing policies without them. The book covers intranets firewalls and the Internet. Unlike other Cisco router titles it focuses on practical instructions for setting router access policies rather than the details of interfaces and routing protocol settings. Cisco IOS Access lists TABLE OF CONTENTS Preface.5 Organization.6 Audience.7 Conventions used in this book.8 Acknowledgments.9 Chapter 1. Network Policies and Cisco Access Lists.10 1.1 Policy sets.11 1.1.1 Characteristics of policy sets.13 1.1.2 Policy sets in networks.13 1.2 The policy toolkit.16 1.2.2 Controlling packets passing through a router.18 1.2.3 Controlling routes accepted and distributed.19 1.2.4 Controlling routes accepted and distributed based on route characteristics.20 1.2.5 Putting it all together.21 Chapter 2. Access List Basics.22 2.1 Standard access lists.22 2.1.1 The implicit deny.23 2.1.2 Standard access lists and route filtering.24 2.1.3 Access list wildcard masks.25 2.1.4 Specifying hosts in a subnet versus specifying a subnet.25 2.1.5 Access list wildcard masks versus network masks.26 2.1.6 The implicit wildcard mask.27 2.1.7 Sequential processing in access lists.28 2.1.8 Standard access lists and packet filtering.28 2.1.9 Generic format of standard access lists.30 2.2 Extended access lists.31 2.2.1 Some general properties of access lists.34 2.2.2 Matching IP protocols.34 2.2.3 More on matching protocol ports.35 2.2.4 Text substitutes for commonly used ports and masks.37 2.2.5 Generic format of extended access lists.38 2.3 More on matching.40 2.3.1 Good numbering practices.44 2.4 Building and maintaining access lists.46 2.4.1 Risks of deleting access lists as an update technique.48 2.4.2 Displaying .