[Fwbuilder-discussion] fwbuilder and argus / Cisco ACLs
Brought to you by:
mikehorn
Menu
▾
▴
[Fwbuilder-discussion] fwbuilder and argus / Cisco ACLs
|
From: Dietmar G. <die...@sc...> - 2006-03-17 21:07:40
|
Hello,
we are putting a large LAN into small segments to protect against worms.
The firewall ruleset is quite complicated and I'd like to compare the ruleset
against traffic flow logs.
Is it possible to compile fwbuilder into simple Cisco ACLs like
#allow www-traffic to webserver
access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 80
#allow ftp control connection to server
access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 21
#allow normal ftp
access-list 102 permit tcp any 193.174.13.99 0.0.0.0 eq 20
This would be very nice for use with the argus flow collector and its
rapolicy check.
Ciao
Dietmar
--
Alles Gute / best wishes
Dietmar Goldbeck E-Mail: die...@sc...
Reporter (to Mahatma Gandhi): Mr Gandhi, what do you think of Western
Civilization? Gandhi: I think it would be a good idea.
|