Sunday, 13 May 2012

Access Control List

What is an access control list?
http://en.wikipedia.org/wiki/Access_control_list Wikipedia says: An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation.


http://www.techrepublic.com/article/cisco-ios-access-lists-10-things-you-should-know/5731134 Tech Republic says: In the Cisco IOS, an access control list is a record that identifies and manages traffic. After identifying that traffic, an administrator can specify various events that can happen to that traffic.


So from these two sites, an access control list is a list of commands to control traffic in and out of a networking device, a router for example.


Above is an example of an ACL (Access Control List) from the Magnolia documentation: http://documentation.magnolia-cms.com/administration/security/accesscontrollists.html


What's the most common type of ACL?

Since ACLs control traffic, the most common type of ACL would be the IP ACL, since IP is the more common type of traffic. There are two types of IP ACLs: standard and extended. Standard ACLs can only control traffic by the source IP address. Extended IP ACLs are more versatile, able to recognise traffic based on source IP, source port, destination IP, and destination port.
  • Standard IP ACLs: 1 to 99 and 1300 to 1999
  • Extended IP ACLs: 100 to 199 and 2000 to 2699
Examples: 

access-list 1 permit any
access-list 1 deny host 10.1.1.1
access-list 1 deny any
The first line permits anything, so all traffic matches it: the router will permit all traffic, and processing will then stop.
*Any other IP not mentioned or configured will be automatically dropped/denied.
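The first-match behaviour and the automatic deny described above can be checked with a small simulator. This is an added example, not part of the original post and not Cisco code: the function names, the REORDERED list and the test addresses are constructed for illustration, and only standard (source-address) entries are handled.

```python
import ipaddress

# The ACL from the post, and a constructed reordering with the specific entry first.
PAGE_ACL = """access-list 1 permit any
access-list 1 deny host 10.1.1.1
access-list 1 deny any"""
REORDERED = """access-list 1 deny host 10.1.1.1
access-list 1 permit any"""

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_standard_acl(text):
    """Parse 'access-list N permit|deny any | host ADDR | ADDR [WILDCARD]' lines."""
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0].lower() != "access-list":
            raise ValueError(f"unsupported line: {line!r}")
        action, src = tok[2].lower(), tok[3].lower()
        if action not in ("permit", "deny"):
            raise ValueError(f"unknown action in: {line!r}")
        if src == "any":
            addr, wild = 0, 0xFFFFFFFF            # every bit is "don't care"
        elif src == "host":
            addr, wild = _ip(tok[4]), 0           # every bit must match
        else:
            addr, wild = _ip(tok[3]), (_ip(tok[4]) if len(tok) > 4 else 0)
        entries.append((action, addr, wild, line.strip()))
    return entries

def evaluate(entries, source_ip):
    """Return (action, matching line); the first matching entry wins."""
    ip = _ip(source_ip)
    for action, addr, wild, line in entries:
        if (ip | wild) == (addr | wild):
            return action, line
    return "deny", "(implicit deny)"             # nothing matched

def shadowed(entries):
    """Lines that can never match because an earlier entry covers them."""
    dead = []
    for i, (_, addr, wild, line) in enumerate(entries):
        for _, a2, w2, _ in entries[:i]:
            if (wild & ~w2) == 0 and (addr | w2) == (a2 | w2):
                dead.append(line)
                break
    return dead

if __name__ == "__main__":
    for name, acl in (("page", PAGE_ACL), ("reordered", REORDERED)):
        rules = parse_standard_acl(acl)
        print(name, evaluate(rules, "10.1.1.1"), "shadowed:", shadowed(rules))
```

With the post's ordering, 10.1.1.1 is permitted and both deny lines are reported as unreachable; with the specific deny placed first, the host is denied and everything else is permitted.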
