! Generated by Network Security Policy Compiler, version 2.453

! [ BEGIN router:paris ]
! [ Model = IOS ]
! [ Routing ]
! route network:0/0 -> interface:rome.mediteran
ip route 0.0.0.0 0.0.0.0 10.2.2.2
! [ ACL ]
! interface:paris.north
ip access-list extended fastethernet0/0_in
! permit src=network:0/0; dst=network:egypt; srv=service:IP;
 permit ip any 10.4.4.0 0.0.0.255
! permit src=host:asterix; dst=interface:agadir.sahara; srv=service:http;
 permit tcp host 10.1.1.4 host 10.5.5.2 eq 80
! deny src=network:0/0; dst=network:0/0; srv=auto_srv:ip;
 deny ip any any

! interface:paris.east
ip access-list extended fastethernet0/1_in
! permit src=network:0/0; dst=network:egypt; srv=service:IP;
 permit ip any 10.4.4.0 0.0.0.255
! deny src=network:0/0; dst=network:0/0; srv=auto_srv:ip;
 deny ip any any

! interface:paris.mediteran
ip access-list extended fastethernet0/2_in
! permit src=network:0/0; dst=interface:paris.ocean; srv=service:http;
 permit tcp any host 10.10.1.1 eq 80
! deny src=network:0/0; dst=interface:paris.north; srv=auto_srv:ip;
 deny ip any host 10.1.1.2
! deny src=network:0/0; dst=interface:paris.east; srv=auto_srv:ip;
 deny ip any host 10.1.2.1
! deny src=network:0/0; dst=interface:paris.mediteran; srv=auto_srv:ip;
 deny ip any host 10.2.2.1
! deny src=network:0/0; dst=interface:paris.ocean; srv=auto_srv:ip;
 deny ip any host 10.10.1.1
! permit src=network:egypt; dst=network:0/0; srv=auto_srv:ip; stateless
 permit ip 10.4.4.0 0.0.0.255 any
! permit src=interface:agadir.sahara; dst=host:asterix; srv=reverse:TCP_ANY; stateless
 permit tcp host 10.5.5.2 host 10.1.1.4 established
! deny src=network:0/0; dst=network:0/0; srv=auto_srv:ip;
 deny ip any any

! interface:paris.ocean
ip access-list extended Serial0_in
! permit src=network:0/0; dst=network:egypt; srv=service:IP;
 permit ip any 10.4.4.0 0.0.0.255
! deny src=network:0/0; dst=network:0/0; srv=auto_srv:ip;
 deny ip any any

interface fastethernet0/0
 ip access-group fastethernet0/0_in in
interface fastethernet0/1
 ip access-group fastethernet0/1_in in
interface fastethernet0/2
 ip access-group fastethernet0/2_in in
interface Serial0
 ip access-group Serial0_in in

! [ END router:paris ]

