acl filtering traffic

[PissedPanther]

ok i have one other problem, i have a router, Galway, through its ethernet its connected to a lan of 512 devices, through its s0 its connected to another router "Cork" and between the two is a frame relay switch simulated by a cisco 2501 router, so if you all follow me so far, what i need to do is make a acl on galway to filter traffic from source addresses on the galway lan, it should permit HTTP access to the isp (which is connected down the line from Cork), the acl needs to deny all other access to the isp and permit all traffic to destinations within the wan, but i need to know the commands if someone could help me


i'll try and make a document of what i'm talking about to help explain me

 

[lgarner]

Galway:

access-list 101 permit tcp any any eq 80
access-list 101 permit ip any <wan_net> <wan_mask>
access-list 101 deny ip any any

interface s 0
ip access-group 101 out


Repeat ACL line 2 as needed to cover the addresses that you do want to access. This also assumes that the only outbound traffic on Galway is from Galway's LAN.

 

[PissedPanther]

 

[PissedPanther]

thats a link to the topology of what i'm doing

 

[PissedPanther]

the pc is suppose to simulate the isp, but now has a loopback just coming off of that router instead of that switch and pc

 

[PissedPanther]

i was told, permit the tcp port 80, then 2nd line would be deny all other traffic, ping and all, so it would be deny any source, to the loopback, but http will go through, since its first, basically so you cant telnet, or ping the loopback to death

do you know how this command would look? or is it exactly what you wrote? thanks.