ospwd@EMORYU1.CC.EMORY.EDU (Peter Day) (01/04/91)
I need to be able to restrict Internet access to certain subnets
(all hosts in that subnet) and to certain hosts in other subnets on
our IP network. I have read the material on access controls in the
p4200 Internet Protocol Packet Forwarder Reference Guide, and I have a
question. Can 0.0.0.0 with mask 0.0.0.0 be used to match ALL IP
numbers? Can it be done if, due to the need to support obsolete
equipment, we still use 0.0.0.0 as the broadcast address on our IP
network? If so, then I presume I could set access control
inclusive and enter access control records of the form
Source Mask Dest Mask
(1) 128.140.n.0 255.255.255.0 0.0.0.0 0.0.0.0
(2) 0.0.0.0 0.0.0.0 128.140.n.0 255.255.255.0
(3) 128.140.x.y 255.255.255.255 0.0.0.0 0.0.0.0
(4) 0.0.0.0 0.0.0.0 128.140.x.y 255.255.255.255
where (1) and (2) allow any node on 128.140.n to access the
Internet, and (3) & (4) allow a particular node 128.140.x.y
to access the Internet.
Thanks,
Peter Day
Research and Planning, Information Technology Division,
Uppergate House, Emory University, Atlanta, GA 30322
DOMAIN: ospwd@emoryu1.cc.emory.edu
UUCP: gatech!emoryu1!ospwd PHONE: +1 404 727-7678
BITNET: ospwd@emoryu1 FAX: +1 404 727-2599
AppleLink: ospwd@emoryu1.cc.emory.edu@dasnet#