08-20-2003 06:34 AM - edited 03-02-2019 09:44 AM
Please forgive me for my lack of knowledge. I am new to cisco IOS commands. I am attempting to study for CCNA while I have a need to manage 2600 series routers. Very confusing when trying to learn commands.
I have 2 questions if you don't mind:
1. I am attempting to block specific IP addresses on eth0 in the wake of the lastest w32.sobig virus to keep my e-mail server from crashing and to keep the clutter out of my users mailboxes. What are the commands to simply create a new access-list and apply it to a specific eth port? Or, if easier, how could I add these ip addresses to existing ACL?
2. Where might I find a complete list of commands for the 2651 that I can reference when in need, such as today?
Thank you in advance for any assistance.
Cheers,
Dana
08-20-2003 07:37 AM
An interface can only have two access-lists; one for input and one for output. If there is already an access list on the interface for the direction you want then you must add your new statements to it but its not a simple subject.
The commands you are after are
access-list
ip access-group
The command guide you are after is at this link.
http://www.cisco.com/univercd/home/home.htm
Pull down the cisco ios arrow and select the ios version in your router. See it in the first output line of sho ver at the console.
The docs are separated into subjects which are also divided into two catagories; guides that describe a subject and some commands, and command references that show all of the commands for a subject.
Its hard to find some things, try the master index for those commands.
You might need cco access to see these.
Heres a decent doc on access-lists
http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml
And heres the access-list support page
http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking:ACCESS-LIST_ARP_BOOT_DHCP
08-20-2003 07:48 AM
Here's a good URL to get you going:
http://www.cisco.com/warp/public/707/confaccesslists.html
And for the command refrence try searching on http://www.cisco.com
Hope this helps.
08-20-2003 07:58 AM
Hey,
this is a link which explains about mitigating the Blaster worm , some access-lists to protect your network from it are given there. You could use a similar access-list.
http://www.cisco.com/warp/public/707/cisco-sn-20030814-blaster.shtml
08-20-2003 08:46 AM
Thanks for the quick and informative responses from everyone!!!
It is very much appreciated!
Cheers,
Dana
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: