ACLs, deny and allow IP address even and odd? 1

Status
Not open for further replies.

slate13

IS-IT--Management
Apr 15, 2005
1
US
How can I deny all even-numbered host addresses and allow all odd IP addresses via a serial connection? Does anyone have a short ACL script for this solution?
 
Ermm ... why?

Just curious.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
I think if you just change the least significant bit in your mask you would be able to match all even or odd host addresses. Not very nice to do, and it can become quite difficult to manage.



Jan


Network Systems Engineer
CCNA/CQS/CCSP/Infosec
 
Jan,

Give us an example then. Let's say allow all uneven IPs in 172.16.1.0 /24 (.1, .3, .5, .7 etc.) and block all the even ones. How would you achieve that by changing the mask?

I can't think of a way how without putting an acl entry in for each host. No mask defines even or odd!

I'd still like to know the reason why slate13 actually wants to do this?

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Perhaps his friend is using an even IP address, which doesn't have access to Tek-Tips forum :)
Hope he's not on a B or A network...

A firm believer of "Keep it Simple" philosophy
Cheers
/T
 
[2thumbsup]

**********************
Chris A.C, CCNA, CCSA
**********************
 
Well, an example would then be: 172.16.1.0 /24, change the mask to an inverted ACL mask 0.0.0.254. Try it, see if I'm wrong. This would make the last bit always have to be '1', which would only give you access from odd host numbers since the last bit has to be a '1'.

Jan


Network Systems Engineer
CCNA/CQS/CCSP/Infosec
 
Well, I think that you are correct. I never thought of that. [ponder]

Have a star!

Chris. *writes it down for future reference*

:)

**********************
Chris A.C, CCNA, CCSA
**********************
 
Well I'll be ... it works!

Did it on a router and had the following acl

access-list 121 permit ip 10.19.72.0 0.0.0.254 any log
access-list 121 deny ip any any log

Sure enough, even numbers were allowed through and odd were blocked.

Apr 19 23:21:22: %SEC-6-IPACCESSLOGP: list 121 permitted tcp 10.19.72.2(0) -> 10.19.72.1(0), 1 packet
Apr 19 23:21:29: %SEC-6-IPACCESSLOGDP: list 121 permitted icmp 10.19.72.2 -> 198.133.219.25 (0/0), 1 packet
Apr 19 23:22:28: %SEC-6-IPACCESSLOGP: list 121 denied udp 10.19.72.3(0) -> 10.19.72.255(0), 1 packet
Apr 19 23:22:30: %SEC-6-IPACCESSLOGP: list 121 denied tcp 10.19.72.3(0) -> 10.19.72.1(0), 1 packet
Apr 19 23:22:35: %SEC-6-IPACCESSLOGP: list 121 denied udp 10.19.72.3(0) -> 192.168.3.113(0), 1 packet
Apr 19 23:23:17: %SEC-6-IPACCESSLOGP: list 121 permitted udp 10.19.72.4(0) -> 10.19.72.255(0), 1 packet
Apr 19 23:23:20: %SEC-6-IPACCESSLOGP: list 121 permitted udp 10.19.72.4(0) -> 192.168.3.113(0), 1 packet
Apr 19 23:23:21: %SEC-6-IPACCESSLOGDP: list 121 permitted icmp 10.19.72.4 -> 198.133.219.25 (0/0), 1 packet

:)

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
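
Added example, not part of any post in the thread: a small Python model of IOS wildcard matching, run against the source addresses that appear in the log above. It shows that with wildcard 0.0.0.254 the parity that gets permitted comes from the last bit of the base address in the entry; `ACL_ODD` is an assumed variant with a base ending in .1, and the function names are illustrative.

```python
import ipaddress

def _u32(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: a 0 bit in the wildcard must match the base,
    a 1 bit is "don't care"."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return (_u32(addr) & care) == (_u32(base) & care)

def evaluate(acl, src):
    """First matching entry wins; an ACL ends with an implicit deny."""
    for action, base, wildcard in acl:
        if wildcard_match(src, base, wildcard):
            return action
    return "deny"

def permitted_last_octets(acl, prefix="10.19.72."):
    """Last octets in the /24 whose source address the ACL permits."""
    return [h for h in range(256) if evaluate(acl, f"{prefix}{h}") == "permit"]

# Source-address part of access-list 121 as posted in the thread.
ACL_121 = [("permit", "10.19.72.0", "0.0.0.254"),
           ("deny", "0.0.0.0", "255.255.255.255")]
# Assumed variant (not from the thread): same wildcard, base address ending in .1.
ACL_ODD = [("permit", "10.19.72.1", "0.0.0.254"),
           ("deny", "0.0.0.0", "255.255.255.255")]

if __name__ == "__main__":
    # Sources seen in the posted log lines.
    for src in ("10.19.72.2", "10.19.72.3", "10.19.72.4"):
        print(src, "acl 121:", evaluate(ACL_121, src),
              "| odd variant:", evaluate(ACL_ODD, src))
    print("acl 121 permits:", permitted_last_octets(ACL_121)[:4], "...")
    print("odd variant permits:", permitted_last_octets(ACL_ODD)[:4], "...")
```

The wildcard only says that the last bit must be compared; whether even or odd hosts pass depends on whether the base address ends in a 0 bit or a 1 bit.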
 