On 9 Mar 00, at 15:24, John Adams wrote: > Here's my ruleset: > > ip access-list extended s0-in > > ! block IP spoofing > ... > deny ip 192.168.0.0 0.0.255.255 any log > permit tcp any any lt 1024 established Wouldn't locating the permit any established at the start of the list be far more efficient? Eric Johnson ------------------- Eric Johnson - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
- RE: Content Analysis Ron DuFresne
- RE: Content Analysis John Adams
- RE: Content Analysis Paul D. Robertson
- RE: Content Analysis Paul D. Robertson
- RE: Content Analysis Ng, Kenneth \(US\)
- RE: Content Analysis Ron DuFresne
- RE: Content Analysis John Adams
- RE: Content Analysis John Adams
- Cisco Access Lists (Was: RE: Content Analysis) Jon Earle
- Re: Cisco Access Lists (Was: RE: Content A... John Adams
- Re: Cisco Access Lists (Was: RE: Conte... Eric Johnson
- Re: Cisco Access Lists (Was: RE: Content A... Gerardo Soto
- RE: Content Analysis John Adams
- RE: Content Analysis Ng, Kenneth \(US\)
- RE: Content Analysis COOPER, Peter
- RE: RE: Content Analysis spiros_liolis
- RE: Content Analysis Dug Song
- RE: Content Analysis Unknown
- RE: Content Analysis John Adams
- RE: Content Analysis -reply Mark . Teicher
