Have some specific questions about EXOS ACL's I am hoping someone can help with:
- Dynamic and Policy ACL's - do these have a Explicit Deny or Permit at the end of each. I know I can create either / or but not sure what the default process is and if its the same for each type?
- If I create a Policy ACL with just an 'if' statement and NO match condition, i.e. 'match all', would it still match all elements in the statement like Source Address, Protocol and Port Number?
- Whats the main difference and reasons for creating ACL's as a policy than Dynamic and visa versa, here's some that I can think of:
- Policy ACL you can edit the rule, i.e. if you wanted to add a count to a rule as opposed to a Dynamic ACL you would have to remove the ACL and re-add it amended.
- Dynamic ACL's help if you are used to writing them directly in the command line.
- Dynamic ACL's you can re-use rules per individual rule.
- Policy ACL's you can apply many rules at once with a single command.
Thanks in advance.