Perhaps you are thinking of standard IOS ACL rules, specifically reflexive ACLs? Or maybe the "established" keyword on standard ACLs that looks for an ACK flag?
On Thu, Oct 9, 2014 at 4:23 PM, Roland Dobbins <[email protected]> wrote: > > On Oct 10, 2014, at 2:56 AM, Pete Lumbis <[email protected]> wrote: > > > Existing connections skip the ACL check. > > Is there a knob/stanza for this? If so, is 'permit established' the > default? > > ---------------------------------------------------------------------- > Roland Dobbins <[email protected]> // <http://www.arbornetworks.com> > > Equo ne credite, Teucri. > > -- Laocoön > > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
