Is there a way to filter out even(or odd) numbered IP address from passing through a router (I am working with the cisco packet tracer) using access lists or any other methods?
Thank You
Asked
Active
Viewed 1,085 times
1
-
Yes, with an ACL using a wildcard mask. This is something that used to be taught in Cisco classes, but it's not actually very useful. – Ron Maupin Jan 01 '16 at 08:28
-
@RonMaupin can you please describe the method – Janak Jan 01 '16 at 10:47
-
You will need to provide more information. For instance, are you want to block inbound or outbound? Which interface(s)? The gist of it is that you create an ACL to block even or odd numbers by using the wildcard to specify that the last bit is `0` which means is must be the same as the address it is masking. – Ron Maupin Jan 01 '16 at 18:07
-
@RonMaupin Thank You, i wanted to simulate blocking a set of pc's with even numbered IP addresses from accessing a ftp server through a router using cisco paket tracer. – Janak Jan 01 '16 at 18:23
1 Answers
0
Yes, this is possible since Cisco takes ACL hostmasks quite literally and permits any bitmask. An IPv4 hostmask is 32 bits. A normal definition would have the leftmost bits equal to zero, and the rightmost bits equal to one, but in theory you can mix zeroes and ones, and Cisco permits this. See http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html#topic2
For example:
- 192.168.2.0 0.0.1.255 matches anything between 192.168.2.0 and 192.168.3.255
- 192.168.2.0 0.0.1.254 matches only even addresses between 192.168.2.0 and 192.168.3.255
- 192.168.2.1 0.0.1.254 matches only odd addresses between 192.168.2.0 and 192.168.3.255
As @ron-maupin noted this is not very useful though, it is basically only useful for your rather unusual request.
Law29
- 3,507
- 1
- 15
- 28