
HummPIX-515(config)# sh access-li dmz_access_in
access-list dmz_access_in turbo-configured; 42 elements
access-list dmz_access_in line 1 remark access from dmz hosts to Internet and access to web server
access-list dmz_access_in line 2 permit udp any any eq domain (hitcnt=1029)
access-list dmz_access_in line 3 permit tcp 192.168.32.0 255.255.255.0 any eq www (hitcnt=156)
access-list dmz_access_in line 4 permit tcp 192.168.32.0 255.255.255.0 any eq https (hitcnt=0)
access-list dmz_access_in line 5 permit tcp 192.168.32.0 255.255.255.0 any eq smtp (hitcnt=0)
access-list dmz_access_in line 6 permit tcp 192.168.32.0 255.255.255.0 any eq pop3 (hitcnt=0)
access-list dmz_access_in line 7 permit tcp host WEB_Server host 10.4.0.3 eq ftp (hitcnt=0)
access-list dmz_access_in line 8 permit tcp 192.168.32.0 255.255.255.0 host 208.206.232.55 eq ftp (hitcnt=0)
access-list dmz_access_in line 9 permit udp 192.168.32.0 255.255.255.0 host 69.38.125.241 eq 2746 (hitcnt=0)
access-list dmz_access_in line 10 permit esp 192.168.32.0 255.255.255.0 any (hitcnt=0)
access-list dmz_access_in line 11 permit udp 192.168.32.0 255.255.255.0 any eq isakmp (hitcnt=0)
access-list dmz_access_in line 12 permit udp 192.168.32.0 255.255.255.0 any eq 4500 (hitcnt=0)
access-list dmz_access_in line 13 permit tcp 192.168.32.0 255.255.255.0 any eq nntp (hitcnt=0)
access-list dmz_access_in line 14 remark access from timesheets to DCs
access-list dmz_access_in line 15 permit tcp host 192.168.32.4 host 10.4.0.4 eq www (hitcnt=0)
access-list dmz_access_in line 16 permit udp host 192.168.32.4 host 10.4.0.46 eq 389 (hitcnt=5)
access-list dmz_access_in line 17 permit udp host 192.168.32.4 host 10.4.0.47 eq 389 (hitcnt=44)
access-list dmz_access_in line 18 permit udp host 192.168.32.4 host 10.4.0.46 eq 88 (hitcnt=14)
access-list dmz_access_in line 19 permit udp host 192.168.32.4 host 10.4.0.47 eq 88 (hitcnt=15)
access-list dmz_access_in line 20 permit tcp host 192.168.32.4 host 10.4.0.46 eq 88 (hitcnt=4)
access-list dmz_access_in line 21 permit tcp host 192.168.32.4 host 10.4.0.47 eq 88 (hitcnt=12)
access-list dmz_access_in line 22 permit tcp host 192.168.32.4 host 10.4.0.46 eq ldap (hitcnt=0)
access-list dmz_access_in line 23 permit tcp host 192.168.32.4 host 10.4.0.47 eq ldap (hitcnt=23)
access-list dmz_access_in line 24 permit tcp host 192.168.32.4 host 10.4.0.30 eq 1433 (hitcnt=41)
access-list dmz_access_in line 25 permit tcp host 192.168.32.4 host 10.4.0.46 eq domain (hitcnt=0)
access-list dmz_access_in line 26 permit tcp host 192.168.32.4 host 10.4.0.47 eq domain (hitcnt=0)
access-list dmz_access_in line 27 permit tcp host 192.168.32.4 host 10.4.0.47 eq 1026 (hitcnt=27)
access-list dmz_access_in line 28 permit tcp host 192.168.32.4 host 10.4.0.46 eq 1026 (hitcnt=2)
access-list dmz_access_in line 29 remark Will work with only 135, but 445 and 137 are continuosly contacted
access-list dmz_access_in line 30 permit tcp host 192.168.32.4 host 10.4.0.47 eq 135 (hitcnt=19)
access-list dmz_access_in line 31 permit tcp host 192.168.32.4 host 10.4.0.46 eq 135 (hitcnt=3)
access-list dmz_access_in line 32 permit tcp host 192.168.32.4 host 10.4.0.47 eq 445 (hitcnt=74)
access-list dmz_access_in line 33 permit tcp host 192.168.32.4 host 10.4.0.46 eq 445 (hitcnt=3)
access-list dmz_access_in line 34 permit tcp host 192.168.32.4 host 10.4.0.47 eq 137 (hitcnt=0)
access-list dmz_access_in line 35 permit tcp host 192.168.32.4 host 10.4.0.46 eq 137 (hitcnt=0)
access-list dmz_access_in line 36 permit udp host 192.168.32.4 host 10.4.0.46 eq ntp (hitcnt=0)
access-list dmz_access_in line 37 permit udp host 192.168.32.4 host 10.4.0.47 eq ntp (hitcnt=22)
access-list dmz_access_in line 38 permit tcp host 192.168.32.4 host 10.4.0.46 eq netbios-ssn (hitcnt=0)
access-list dmz_access_in line 39 permit tcp host 192.168.32.4 host 10.4.0.47 eq netbios-ssn (hitcnt=0)
access-list dmz_access_in line 40 permit udp host 192.168.32.4 host 10.4.0.16 eq netbios-ns (hitcnt=2)
access-list dmz_access_in line 41 remark Access to Symantec AV
access-list dmz_access_in line 42 permit tcp host 192.168.32.4 host 10.4.0.94 (hitcnt=0)
access-list dmz_access_in line 43 permit udp host 192.168.32.4 host 10.4.0.94 eq netbios-ns (hitcnt=0)
access-list dmz_access_in line 44 remark Access to BigBrother
access-list dmz_access_in line 45 permit tcp host 192.168.32.4 host 10.4.0.96 eq 1984 (hitcnt=1010)
access-list dmz_access_in line 46 remark Access to Integrity
access-list dmz_access_in line 47 permit tcp 192.168.32.96 255.255.255.224 host 10.6.6.15 eq 5054 (hitcnt=25)
access-list dmz_access_in line 48 permit icmp any any (hitcnt=285)