Agree King. But that`s what I saw configured and wanted to understand as it is It seems to match either SYN and FIN at the same packet. I didn't understand
On Fri, Jun 3, 2011 at 2:59 AM, Kingsley Charles <[email protected] > wrote: > You are using match-all which makes to match a packet with both SYN and > FIN. Split them and also use mask 0x3E for FIN > > class-map type access-control match-all SYN > > match field TCP dest-port eq 80 > match field tcp control-bits eq 2 mask 0x3D > > class-map type access-control match-all FILTER > match field TCP dest-port eq 80 > match field tcp control-bits eq 1 mask 0x3E > > > > With regards > Kings > > On Thu, Jun 2, 2011 at 8:20 PM, Bruno <[email protected]> wrote: > >> Check this statement >> >> class-map type access-control match-all FILTER >> match field TCP dest-port eq 80 >> match field tcp control-bits eq 2 mask 0x3D >> match field tcp control-bits eq 1 mask 0x3D >> >> Will this catch either SYN OR FIN and other bits could be set as well? Is >> that right? >> -- >> Bruno Fagioli (by Jaunty Jackalope) >> Cisco Security Professional >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > > -- Bruno Fagioli (by Jaunty Jackalope) Cisco Security Professional
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
