[nsp] IPACCESSLOGS - unusual message

From: Gert Doering (gert@greenie.muc.de)
Date: Mon Jun 03 2002 - 04:32:12 EDT


Hi,

me again, still filtering bad packets.

The access-list in use right now looks like this:

Cisco#sh access-list vlan40in
Extended IP access list vlan40in
    permit ip host x.x.x.7 any (8406 matches)
    deny udp any any eq domain
    deny ip any any log-input (332 matches)

(x.x.x.7 ist the "real" IP address of that machine, and that aspect
works).

The interesting part is the log-input line - it logs messages like this:

1219606: 15w4d: %SEC-6-IPACCESSLOGS: list vlan40in denied 108.122.0.0 1 packet

should it do that? What's "IPACCESSLOGS" (note the "S")? Why isn't it
logging destination IP and protocol/port?

I assume that it is some weird side effect of the machine in question
originating IPs with 127.0.0.<x> source addresses, but it is weird anyhow.

The router logging this is a Cat5k RSM, IOS 12.0(21a).

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@greenie.muc.de
fax: +49-89-35655025                        gert.doering@physik.tu-muenchen.de



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:11:58 EDT