[afnog] Help on Access list Evaluation
Mangaliso Jere
mangaliso at gmail.com
Mon Jul 17 10:34:03 EAT 2006
Guys
I am experiencing an up surge of traffic on my network. At the moment
am reviewing my access-lists. If the are any other rules I can add.
access-list 101 deny tcp any any eq 135
access-list 101 deny udp any any eq 135
access-list 101 deny tcp any any eq 445
access-list 101 deny udp any any eq 445
access-list 101 deny tcp any any eq 5554
access-list 101 deny udp any any eq 5554
access-list 101 deny tcp any any eq 9996
access-list 101 deny udp any any eq 9996
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 136
access-list 101 deny udp any any eq 136
access-list 101 deny tcp any any eq 137
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny tcp any any eq 138
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny icmp any any
access-list 101 deny tcp any any eq smtp
access-list 101 permit ip any any
This is the list I am using for my clients and of course I add some
host routes for individual clients where necessary.
--
Mangaliso Jere
Lilongwe
Malawi
(265)- 9 - 953079
More information about the afnog
mailing list