Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Lost RedHat....Cisco in need!
Operating Systems Linux Red Hat Lost RedHat....Cisco in need! Post 302141804 by Tabryan07 on Monday 22nd of October 2007 12:44:26 PM
Old 10-22-2007
Thanks a lot, we got some aand we are almost up and running.
 

3 More Discussions You Might Find Interesting

1. Filesystems, Disks and Memory

Lost Data Lost Admin

First time so excuse my ignorance please. I may not be accurately describing the issue. I have inherited a small lab mostly SUN V120s. We lost power and are trying to recover. Nope no backups... The primary issue I have is 1 box is an Oracle Server. It has 2 36Gb harddrives. I am able to... (3 Replies)
Discussion started by: murphsr
3 Replies

2. UNIX for Advanced & Expert Users

Sort command results are different in Redhat 4 vs Redhat 5

Hi, I am having a text file with the following contents ########### File1 ########### some page1.txt text page.txt When I sort this file on Red Hat 5, then I get the following output ########### File1 ########### page1.txt page.txt some (3 Replies)
Discussion started by: sarbjit
3 Replies

3. IP Networking

How to stack Cisco 2960-S and Cisco 2960X?

Is there an easy way to stack Cisco 2960-S and Cisco 2960X switches? If you have no idea, follow this: 1. Stacking is not supported on switches running the LAN Lite image. All switches in the stack must be running the LAN Base image. 2. In a mixed stack of Catalyst 2960-X and Catalyst 2960-S... (0 Replies)
Discussion started by: Ayaerlee
0 Replies

LEARN ABOUT DEBIAN

rapolicy

RAPOLICY(1)						      General Commands Manual						       RAPOLICY(1)

NAME

       rapolicy - compare a argus(8) data file/stream against a Cisco Access Control List.

COPYRIGHT

       Copyright (c) 2000-2003 QoSient. All rights reserved.

SYNOPSIS

       rapolicy -r argus-file [ra options]

DESCRIPTION

       Rapolicy reads argus data from an argus-file list, and tests the argus data stream  against a Cisco access control list configuration file,
       printing out records that represent activity that would violate the policy.  Rapolicy can be used to indicate access control violations, as
       well as test new access control definitions prior to installing them in a router.

OPTIONS

       Rapolicy, like all ra based clients, supports a large number of options.  Options that have specific meaning to rapolicy are:

	  -f <Cisco ACL file> Print records that violate the policy.
	  -D 0 (default)      Print records that violate the policy.
	  -D 1		      Print records and the violated ruleset.
	  -D 2		      Print all records and the ruleset that matched.

       See ra(1) for a complete description of ra options.

EXAMPLE INVOCATION

       rapolicy -r argus.file

CISCO ACL SYNTAX

       There  does  not  seem to be authoritative Cisco-ACL-Documentation, nor ACL syntax standardization.  Because Cisco has been know to improve
       its ACL rules syntax, rapolicy is known to work with Cisco ACL router defintions up to July, 2002.

       A Cisco ACL configuration file consists of a collection of any number of ACL statements, each on a separte line.   The  syntax  of  an  ACL
       statement is:

	  ACL	     = "access-list" ID ACTION PROTOCOL SRC DST NOTIFICATION

	  ID	     = Number
	  ACTION     = permit | deny
	  PROTO      = protocol name | protocol number

	  SRC | DST  = ADDRESS [PORTMATCH]

	  ADDRESS    = any | host HOSTADDR | HOSTADDR HOSTMASK
	  HOSTADDR   = ipV4 address
	  HOSTMASK   = matching-mask

	  PORTMATCH  = PORTOP PORTNUM | range PORTRANGE
	  PORTOP     = eq | lt | gt | neq | established

	  PORTRANGE  =	PORTNUM PORTNUM
	  PORTNUM    =	TCP or UDP port value (unsigned decimal from 0 to 65535)

EXAMPLE CONFIGURATION

       This  example  Cisco Access Control List configuration is provided as an example only.  No effort has been made to verify that this example
       Access Control List enforces a useful access control policy of any kind.

       #allow www-traffic to webserver
       access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 80

       #allow ftp control connection to server
       access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 21

       #allow normal ftp
       access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 20

       #allow ftp passive conncetions in portrange 10000 to 10500
       access-list 102 permit tcp any host 193.174.13.99 range 10000 10500

       #dummy example
       access-list 102 permit tcp host 193.174.13.1 eq 12345 host 193.174.13.2 range 12345 23456

       #deny the rest
       access-list 102 deny tcp any any

       #same thing in other words:
       access-list 102 deny tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255

AUTHORS

       Carter Bullard (carter@qosient.com).
       Olaf Gellert (gellert@pca.dfn.de).

SEE ALSO

       ra(1), rarc(5), argus(8)

								   22 July 2002 						       RAPOLICY(1)
All times are GMT -4. The time now is 10:59 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy