Standard ACL and wild card mask
If The following commands were entered on a router:
Router(config)# access-list 2 deny 172.16.5.24
Router(config)# access-list 2 permit any
What can be concluded about this set of commands?,,,(i.e wild card mask has not been used with deny statement),,,Does a router accept it ? I do not router right now to do practical test
Hello,
The effect of this access-list would be to deny just the host 172.16.5.24 and to permit everything else. The router would accept this command line.
The lack of a wildcard in this case means that the IP address is a host address. The following access-list statements result in identical behaviour, for example:
access-list 1 permit ip 172.16.5.24
access-list 1 permit ip 172.16.5.24 0.0.0.0
access-list 1 permit ip host 172.16.5.24
Hope that helps - pls rate the post if it does.
Paresh.
Similar Messages
-
Using a column twice in a dashboard prompt -- multi-select and wild-carding
My client is using OBIEE 10.1.3.2; they cannot upgrade at this time. However, they want to be able to enter both a list of values and a wild-card search for additional values at the same time for a single column in a dashboard prompt.
Since they cannot upgrade, they do not have the wild-card search feature of the enhanced multi-select prompt feature of 10.1.3.3 and later releases.
Has anyone found another method to do this, perhaps by using a column twice in a dashboard prompt or in separate dashboard prompts on the same dashboard apge, in order to OR the results of a multi-select and an edit box (with wild-card pattern-match entry)? I suspect that will not work -- that the results sets of one prompt for a column will override any other prompt result sets for the same column.
Has anyone found another way to do this, prior to release 10.1.3.3?Yes, it is possible.
This is how to do it:
In your report you need to add two filters on the same column and combine them with OR.
First filter: is prompted.
Second filter: is like presentation_variable
Then protect this filter!* This will make that your prompt will be filtered on the pres. variable and that it won't be overwritten by another prompt.
Now create your dashboard prompt:
First add your column with an edit box and attach the presentation variable to it.
Then edit the formula of the column, so it will not reference to the column anymore. (Which isn't needed, since the value will be set to the pres. variable.)
Then add the same column with a multi-select.
Then test it and check your results.
Regards,
Stijn -
RFC as webservice and wild cards
Hi experts,
We have a custom RFC that fetches employee data based on import parameters like PERNR,FIRSTNAME,LASTNAME etc.This RFC is exposed as a WS by default(we are on ECC6.0) and is consumed by a non-SAP application.
The problem is when the calling application tries to do a wild card search in any of the field (say,FIRSTNAME),there is an error with the message like give below:
There is an error in XML document (1, 17584987).
'ўј', hexadecimal value 0x06, is an invalid character. Line 1, position 17584987
Please note that the RFC works fine in all scenarios from SE37.
Even the WS works fine for searches like 'A'.But the problem occurs only when one/any of the parameters is ''.
My questions is:Is there any restriction on using the wild card as a parameter to a WS interface?If yes,how to have a workaround on this?
Thanks in advance,
PrasannaHi
Can we wrap a rfc as web service ?
Yes.
<i>To use the SAP Web AS 6.40 you need to build a wrapper in the 6.40 system. This is a remote function call (RFC) enabled function module with the same interface or a similar interface that internally calls the required RFC-enabled function module in the old 4.6x system via RFC. The wrapper then can be exposed to the outside world as a Web service. Another option is to use the Integration Broker capabilities for calling Web services in an older system.</i>
How XI will play a role here ?
XI will pass the input to the external java application and get back the result to the webservice
regards
krishna -
Standard Account and Smart Card
I apparently have a standard account and whenever I try to make an administrator change it tells me to connect a smart card and I don't know what it is.
Owenthec,
A smart card is a card that you can insert into a computer with a smart card reader that will allow you to log on to an account associated with that card.
In your case, the account associated with the card is an administrator account.
If this is a work computer that you’re using, then it appears that your systems administrator has it set so that you cannot make changes.
For more information, check out
What is a smart card and how do I use one?
Hope this helps!
Mike
Windows Outreach Team – IT Pro
Windows for IT Pros on TechNet -
How to pass wild card '%' value from the parameter to the query
Hello everyone,
I have following 2 problems
1) I was trying to do some thing like below
select * from emp
where ename like 'J%'
for this i have used the following code
select * from emp
where ename like :P_ENAME
and before running the query in the parameter box i entered J%. But my report returns an error which says INVALID PARAMETERS REQUESTED.
2) I have a req of passing both comma separated and wild card for the same parameter. If we take the same example as above,
user should be able to enter
a) JASON, SMITH, JOHN OR b) J%
I have used comma separated value option of the parameter for the csv values and its working fine, but i need to add the wild card feature also to the same parameter.
Can anyone please help me with these things?????
Thanks in advance!!
RaghuHi Raghu,
I guess you are in older version, You have to get into latest version to use %, it should work well
you should use where ( ename like :P_ENAME ) or ( ename in (:P_ENAME)) for both the condition to satisfy. -
I had the first two lines in the access list and all was well, I then added the 3rd. From what I need to put the 3rd entry (deny host 10.1.30.51) after the second entry and before the permit any. Even though I created sequence numbers in order of the 3 entries (10,20,30) the sequence numbers didnt put them in order and they dont even show up in the show run. What went wrong? How is it possible to edit an acl without sequence numbers also?
Cause if I had:
10 deny x.x.x.x
20 deny x.x.x.x
30 permit any
Then I could add say 15 deny x.x.x.x, but now I cant and I dont even know what happened to the sequence numbers when I created them.
Thanks.
Standard IP access list 1
deny host 10.1.30.50 (4 match(es))
permit any (8 match(es))
deny host 10.1.30.51
Router#Hi Milan,
Sequence numbers are indeed not supported if you define a numbered access list. With both standard and extended numbered ACLs, however, it is possible to do a trick: if you refer to them as named ACLs (use their number as their name), you actually are able to use the sequence numbers.
For example:
R1(config)# do show run | i access-listaccess-list 1 deny 192.0.2.1access-list 1 permit anyaccess-list 100 deny ip host 192.0.2.1 anyaccess-list 100 permit ip any anyR1(config)# do show ip access-lStandard IP access list 1 10 deny 192.0.2.1 20 permit anyExtended IP access list 100 10 deny ip host 192.0.2.1 any 20 permit ip any anyR1(config)# ip access-list standard 1R1(config-std-nacl)# 15 deny 192.0.2.15R1(config-std-nacl)# exitR1(config)# do show access-listStandard IP access list 1 10 deny 192.0.2.1 15 deny 192.0.2.15 20 permit anyExtended IP access list 100 10 deny ip host 192.0.2.1 any 20 permit ip any anyR1(config)# ip access-list extended 100R1(config-ext-nacl)# 15 deny ip host 192.0.2.15 anyR1(config-ext-nacl)# exitR1(config)# do show access-lStandard IP access list 1 10 deny 192.0.2.1 15 deny 192.0.2.15 20 permit anyExtended IP access list 100 10 deny ip host 192.0.2.1 any 15 deny ip host 192.0.2.15 any 20 permit ip any any
The router is even smart enough to disallow to refer to a named ACL whose name is a number of the opposite type than stated on the command line:
R1(config)# ip access-list standard 101% % Invalid access list name.R1(config)# ip access-list extended 2% % Invalid access list name.
What Collin may have in mind, though, is that host entries in standard ACLs are reorganized to a different order than entered:
R1(config)# ip access-list standard TestR1(config-std-nacl)# permit 10.0.0.1R1(config-std-nacl)# deny 10.0.0.2R1(config-std-nacl)# permit 10.0.0.3R1(config-std-nacl)# deny 10.0.0.4R1(config-std-nacl)# permit 10.0.0.5R1(config-std-nacl)# deny 10.0.0.6R1(config-std-nacl)# permit 10.0.0.7R1(config-std-nacl)# deny 10.0.0.8R1(config-std-nacl)# permit anyR1(config-std-nacl)#exitR1(config)# do show access-list TestStandard IP access list Test 80 deny 10.0.0.8 20 deny 10.0.0.2 30 permit 10.0.0.3 10 permit 10.0.0.1 60 deny 10.0.0.6 70 permit 10.0.0.7 40 deny 10.0.0.4 50 permit 10.0.0.5 90 permit anyR1(config)# do show run | section Testip access-list standard Test deny 10.0.0.8 deny 10.0.0.2 permit 10.0.0.3 permit 10.0.0.1 deny 10.0.0.6 permit 10.0.0.7 deny 10.0.0.4 permit 10.0.0.5 permit any
This reordering happens only with standard ACLs and is a result of indexing the host entries in the ACL into a hash table (the hash function being XOR of individual octets of the IP address in the host entry) for faster access. When printing out the ACL, first the host items are printed out in the order they are stored in the hashing table, and only then the remaining entries that use wildcards. Wildcard entries are not reordered.
The funny thing is that the ACL is actually even stored in the configuration in the reordered form, and thus evaluated in a reordered form, which can be confusing. However, you may have noticed that the router will prohibit you from entering a host ACL after entering a wildcard ACL that also matches the IP address in a wildcard entry:
R1(config)# ip access-list standard Test2R1(config-std-nacl)# permit 10.0.1.0 0.0.0.255R1(config-std-nacl)# deny 10.0.1.1% Access rule can't be configured at higher sequence num as it is part of the existing rule at sequence num 10R1(config-std-nacl)#
Why is this? Obviously, a host entry can either select the same action for a packet that would be taken by a more general wildcard entry (in which case it is not necessary for the host entry to be entered at all), or it can override the action that would be chosen by a more general wildcard entry. In this second case, it is necessary for this host entry to be placed in the ACL first, otherwise it would never be reached. Ordering of host entries themselves can be arbitrary, as they do not influence each other. This leads us to a general logic in standard ACLs - it is required to put all host entries first, and wildcard entries last. Now it is completely logical to visit all host entries first (indexed by a hash for rapid access), and then visit the wildcard entries.
Quite a long post... sorry for that. Hopefully, we've resolved some of the doubts.
Best regards,
Peter -
What's the proper behavior of Standard ACLs?
Hi, I have a question regarding the Standard ACL.
If I have 1000 lines of ACEs in an standard ACL, and I remove one ACE from the standard ACL, should this ACL be completely gone? Or we should have the rest of 999 ACEs still there?
Thanks!Ok. So you want to remove ONE (or more) selected offending line from your ACL. Let's take your example:
access-list 10 deny 130.0.0.1
access-list 10 deny 120.0.0.1
access-list 10 deny 130.0.1.1
access-list 10 permit any
Let's say you want to remove "access-list 10 deny 130.0.1.1". Cut-n-paste your original ACL into a Wordpad or Notepad and you'll wind up with something like this:
conf t
no access-list 10
access-list 10 deny 130.0.0.1
access-list 10 deny 120.0.0.1
access-list 10 permit any
end
wr
Cut-n-paste everything back into your ACE. -
Wild Card Postal Codes in Transportation Zones and Postal Code Range in TCM
Hello Experts,
I have 2 queries on Postal Codes usability in SAP TM:
1. Postal Code Transportation Zones:
Business Scenario: Some countries have non-numeric Postal Codes and you can not maintain From and To Postal Code range. System supports Postal Code to be entered as Wild Card (XY1*) in Transportation Zone but does not respect them during charge calculation.
2. Postal Code Range in Rate Table:
There are standard Calculation Bases for Source/Destination Postal Code Range but these do not allow maintaining values like Source Postal Code Range (90100-90199) to Destination Postal Code Range (63100-63199). I am unable to understand the use of these 2 calculation bases since they do not accept range.
Kindly suggest.
Thanks and Best Regards,
Vikas ChhabraI start with the first question: Well, well, well. Probably one of the most underestimated topics in the transportation network. A bit of a background: Postal codes are alphanumeric meaning they allow numbers and characters. Of course for some countries only numbers are required and those are pretty easy to handle. Nevertheless, SAP produces global software and there are countries having postal codes with unfixed length, character first, in the middle, at the end. This makes ranges ugly, tough, sometimes impossible.
The range definition works alphanumeric, which is a position to position comparison based on single chars. You can check the inclusion results in excel or with any database. For the zone definition this can mean that you are forced to enter postal codes and no ranges. Of course this blows up the maintenance effort in the beginning, but ensures the correctness.
I was surprised by your comment that the zone definition allows '*' because this would make this whole thing even more complicated and error prone. I tested it and it does not work, at least for Germany. I think in the address definition per country you can define valid formats for postal codes and there '*' is not valid for Germany. The transportation zone location inclusion will not work with pattern!
In case you have manages to maintain this: I would advise to take the effort and enter at least valid ranges. -
LMS 4.2.3 baseline compliance template and standard ACL
When using a baseline compliance template to check and deploy a standard ACL, I encountered what seems to be a bug:
I configured a template with these commands:
+ip access-list standard 21
+; Hosts allowed access
+ permit host 10.20.30.40
+ permit host 40.30.20.10
+ deny any log
When I do compliance check and deployment, the last line is dropped by LMS.
In fact, when I look into the job's "Work Order", the commands are:
ip access-list standard 21
; Hosts allowed access
permit host 10.20.30.40
permit host 40.30.20.10
After the job run, "show running-config" shows the access list matching the "Work Order" (without the "deny any log" command.)
Is this a bug?Doesnt have any issues on my Lab 4.2.4. following is the Job Work order :
Name:
Archive Mgmt Job Work Order
Summary:
General Info
JobId: 2704
Owner: admin
Description: test_acl
Schedule Type: Immediate
Job Type: Compliance Check
Baseline Template Name: test_acl
Attachment Option: Disabled
Report Type: NAJob Policies
----------------------------------------------------------------------------------------------E-mail Notification: Not Applicable
Job Based Password: DisabledDevice Details
Device
Commands
Sup_2T_6500
ip access-list standard 21
permit host 10.20.30.40
permit host 40.30.20.10
deny any log
10.104.149.180
ip access-list standard 21
permit host 10.20.30.40
permit host 40.30.20.10
deny any log
Check your template, or export it and share, i will try it on my LMS server. also, check the same complaince job on other devices if you have such issues.
-Thanks
Vinod
**Rating Encourages contributors, and its really free. ** -
Wild card and blank search for INBOX SEARCH
Hi All,
we are working on SAP CRM 2007. we have an requirement where we want to implement "Wild card and blank search for INBOX SEARCH page". please provide me some pointers to proceed. TIA
rgds,
@runHi Ajith,
István is correct, wild card '*' is readily available for any Item name, BP name or other searchable fields.
Thanks,
Gordon -
Wild card usage in standard F4 help - issue
Hi Friends,
i want to list a function module which - second character should be 'Z' .........HOW TO DO THAT ...
usually we will put : in se37 - IN THE FIELD VALUE COLUMN : %z*
but wild card % or ? is not accepting ....give me your help on this.
regards
raajthanks for your response.
if we use z* or *z.....
please not that only second character of my listing should be "z"
If you give *z - it will list out all values which ends with "Z" ....
HOW TO USE THE WILD CARD : % -
Wild card search and multiselection in dashboard prompt????
Hi all:
Actually, I want to make dashboard prompt that filters the customer code, user can select more than one code at a time. But there is one more requiremnet that is, If user wants to find customer code in report than it just write the code or part of code ("like wild card search"). I want these two works in one dashboard prompt. If there any possiblity to do like this. Please help me to create this type of dashboard prompt. Thanks
AliHi Ajith,
István is correct, wild card '*' is readily available for any Item name, BP name or other searchable fields.
Thanks,
Gordon -
Wild Card as key field value in Content Conversion
Hi,
Can any one please tell me that can a wild card such as '*' be used as key field value.
Thnx,
Pravesh Puria.Hi Pravesh
For the file name in the sender file adapter you can use the '*' or '?'(as a placeholder for exactly one character)
You can also enable the "Advanced Selection for Source File" in the sender file adapter, where you can do two things:
a)you can specify an exclusion mask for the file name specified above.
b)you can specify/lits multiple directories with a file name and an associated exclusion mask, e.g. in file name you put ".txt" and in the associated exclusion mask "a". The every file with ".txt" except "a" will be fetched from that directory.
Try it out.
Regards,
Goekhan -
How to prevent the use of wild cards in select-option
Hello experts,
Is it possible to prevent the use of wild cards in a select-option? If yes, how is it done please?
I have a
SELECT-OPTIONS: o_comp FOR dbtab-field OBLIGATORY DEFAULT 'FI'.
and, I want to prevent the users for giving in some thing like FI* with the wildcard bc it would lead to dump.
I want an error message to display and prevent the users for making such entry.
Please I need your help and I would be very grateful.
Thanks
NadinYou have to use SELECT_OPTIONS_RESTRICT to restrict input allowed. Call this FM in INITIALIZATION or SELECTION-SCREEN OUPUT sections.
Sample :
TYPE-POOLS: sscr.
INITIALIZATION.
* Restrict SELECT-OPTIONS
PERFORM restrict_select.
FORM restrict_select.
DATA: restrict TYPE sscr_restrict,
opt_list TYPE sscr_opt_list,
*** TYPE sscr_***.
* Défine select-options modes (aka option list)
* - ALL standard - all options allowed
CLEAR opt_list.
MOVE 'ALL' TO opt_list-name.
MOVE 'X' TO: opt_list-options-bt,
opt_list-options-cp,
opt_list-options-eq,
opt_list-options-ge,
opt_list-options-gt,
opt_list-options-le,
opt_list-options-lt,
opt_list-options-nb,
opt_list-options-ne,
opt_list-options-np.
APPEND opt_list TO restrict-opt_list_tab.
* - EQU only equality allowed (list of values)
CLEAR opt_list.
MOVE 'EQU' TO opt_list-name.
MOVE 'X' TO opt_list-options-eq.
APPEND opt_list TO restrict-opt_list_tab.
* Affect modes to parameters or block of parameters
* ALL by default
CLEAR ***.
MOVE: 'A' TO ***-kind,
'*' TO ***-sg_main,
'ALL' TO ***-op_main.
APPEND *** TO restrict-***_tab.
* EQU to internal material number
CLEAR ***.
MOVE: 'S' TO ***-kind,
'S-MATNR' TO ***-name,
'I' TO ***-sg_main, " no exclusion
'EQU' TO ***-op_main. " only value list
APPEND *** TO restrict-***_tab.
* Call FM
CALL FUNCTION 'SELECT_OPTIONS_RESTRICT'
EXPORTING
restriction = restrict
EXCEPTIONS
OTHERS = 1.
ENDFORM. " restrict_select
In the sample, only select-options for matnr is restricted to single value list.
For your request build a mode with all options except "pattern" ones : CP and NP.
Regards -
Wild card search using %
I have a question on wild card searches. I am currently doing a like behind the scenes to look for a string inside a string...
However, if the user wants to put in a wild card like 'AP%Report%'... I would like to return all the ones that begin with AP and have Report in them- is that possible using APEX? I currently do not get any records as the % is considered literally. As our users are used to Oracle, we will have users who will key in a % during the search and we need this to work!
Can anyone please help me with this?
Thanks!
RamyaThanks for your quick response, Tony!
Its a standard report not interactive... version is 'Application Express 4.0.2.00.07'
Below is the complete query,
select * from (
select report_id
, (SELECT report_type_name FROM xxnf.xxnf_apex_rr_report_types t WHERE t.report_type_id = xxnfarr.report_type_id) report_type
, Category
, report_name
, report_desc
, image Sample
, last_used
, link
, sample_url
, decode(sample_url, NULL, 'http://common.newfield.com/images/misc/blank.gif','http://common.newfield.com/images/misc/Sample.gif') sample_icon
, (select resp_group_name FROM xxnf.xxnf_apex_rr_resp_groups t WHERE t.resp_group_id = xxnfarr.resp_group_id) contact
from
xxnf.XXNF_APEX_RR_REPORTS xxnfarr)
where (
instr(upper("REPORT_TYPE"),upper(nvl(:P11_REPORT_SEARCH,"REPORT_TYPE"))) > 0 or
instr(upper("REPORT_NAME"),upper(nvl(:P11_REPORT_SEARCH,"REPORT_NAME"))) > 0 or
instr(upper("REPORT_DESC"),upper(nvl(:P11_REPORT_SEARCH,"REPORT_DESC"))) > 0
or
instr(upper("CATEGORY"),upper(nvl(:P11_REPORT_SEARCH,"CATEGORY"))) > 0
Hope I answered all your questions.. On why I am doing this instead of a LIKE.. I could not get it working with a LIKE and had to pull this code from one of the sample applications... Hope that makes sense!
Ramya
Maybe you are looking for
-
PR to be deleted after PO release strategy with pr.
Hi,expert some pr to be deleted as release strategy already trigered as well as po had been done. Pls help.Any suggestion?
-
Hi Abap gurus, I need a blank ALV to display with 6 coulumns,where the enduser will fill the details in the alv row wise and he clicks on a button which will save in the z-table with the entries done in alv (edit mode) and then it should export to ex
-
Cannot see all the essbase dimensions when performed reverse engg.using ODI
Hi, I performed the reverse engineering process for getting the dimensions from Essbase to the Model. First time the session has shown an error. When i right clicked the session in the operator and clicked on restart it has run succesfuly. But only t
-
What is pagination and "reset pagination" ?
Can somebody tell me what exactly pagination is wrt APEX? What happens when we do a "reset pagination" ? ~Rose
-
I created 2 very simple files and trying to set session attribute in one of them and retrieve it in the next one. There is a link from the first to the second. I always get new session in the second JSP. Source of the 1st file : <%@ page import="java