Anyone tinkered with PBACLs (object-groups)? Kind of cool. Now I can have "friendly" names in my ACLs, and can group ip/ports. I just refactored a bunch of ACLs to use this as it makes them more maintainable.
Suprised you can't nest object-groups though. Perhaps it was a deliberate omission so users wouldn't start using it as a stateless firewall. Tim:> _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
