Hi,
On Wed, May 30, 2007 at 01:33:21PM -0700, Kevin Graham wrote:
> If you are wiping them out, you should always remove them to be safe
> (even if weren't default-deny behavior when missing, there is an
> unavoidable window between creation and completion).
Just to correct this small bit: default in IOS for packet ACLs is
"default-permit" *if the ACL is completely missing*.
But usually you're dead in the water as soon as you copy-and-paste a
new version of the ACL and the first line gets active, prohibiting any
further lines to go through...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [EMAIL PROTECTED]
fax: +49-89-35655025 [EMAIL PROTECTED]
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
