#
# Copyright (c) 1993, 1994 Carnegie Mellon University.
# All rights reserved.
#
# Use in source and binary forms, with or without modification, is
# permitted provided that source code modifications retain all
# perintent copyright notices and this paragraph in its entirety.
# This distribution includes software developed by Carnegie Mellon 
# University and the Software Engineering Institute.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
#
#
# policy sample configuration file.
#    the policy(1) client of argus(1) can read Cisco access control
#    definitions, which can be used as a filter to show log entries
#    that should be blocked by the policy.
#
#
# Carter Bullard
# Software Engineering Institute
# Carnegie Mellon Univeristy
#
#
#     WARNING!!
#     this sample Cisco access control list does not enforce a
#     viable access control policy.  it is presented solely as a
#     demonstration of the format of the policy(1) configuration
#     file.

no ip source-route
access-list 102 permit ip 1.2.3.0 0.0.0.255 3.2.1.0 0.0.0.255
access-list 102 permit icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
access-list 102 deny   udp 1.2.0.0 0.0.255.255 0.0.0.0 255.255.255.255 eq 111
access-list 102 permit udp 1.2.0.0 0.0.255.255 0.0.0.0 255.255.255.255
access-list 102 permit tcp 1.2.3.4 0.0.0.0 0.0.0.0 255.255.255.255 established
access-list 102 permit tcp 0.0.0.0 255.255.255.255 2.3.4.5 0.0.0.0 eq 21
access-list 102 deny   tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 25
access-list 102 permit  ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255