For anyone working with these enough, I recommend a chart on your wall. This one prints out nicely:
 


From: ISOC Network Operations [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 25, 2003 09:05
To: [EMAIL PROTECTED]
Subject: [Modus] OT Blocking mail servers at the router

How to calculate the netmask

 

The netmask for a Class C is 255.255.255.0

 

To get the mask you use in an ACL you always subtract the netmask from 255.255.255.255

So a class c is like this

 

            255.255.255.255

-           255.255.255.0

            0.0.0.255 

 

If you are trying to write a ACL for a smaller block like a /30 2 host network the netmask is 255.255.255.252

 

            255.255.255.255

-           255.255.255.252

            0.0.0.3

 

My network at home is 65.90.86.248/29 which is a 255.255.255.248 netmask

 

To block outbound SMTP for my network I would do it like this

 

Access-list 102 deny tcp 65.90.86.248 0.0.0.7 any eq 25

 

John

 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike McTee
Sent:
Tuesday, November 25, 2003 11:31 AM
To: [EMAIL PROTECTED]
Subject: [Modus] OT Blocking mail servers at the router

 

This is an Off Topic post.

 

I seem to recall some discussion here regarding blocking customer’s from being able to operate mail servers on the network by setting access list (or something) at the router level.  I’ve searched through the past e-mails and can’t seem to find this information.  If anyone is doing this or knows what the specifics are, please e-mail me off-list.

 

I’ve received a few complaints of spam being sent from within our network and upon verifying the IP Address, it shows to be an IP Address used by dialup customers.  I’m thinking these are likely customers who have SMTP services running and are unaware of it (W2k/XP).

 

Thanks in advance.

 

Sincerely,

Mike McTee

Internet Systems Technician

Eastex Net (www.eastex.net)

 

 

 

Reply via email to