Hi,
me again, still filtering bad packets.
The access-list in use right now looks like this:
Cisco#sh access-list vlan40in
Extended IP access list vlan40in
permit ip host x.x.x.7 any (8406 matches)
deny udp any any eq domain
deny ip any any log-input (332 matches)
(x.x.x.7 ist the "real" IP address of that machine, and that aspect
works).
The interesting part is the log-input line - it logs messages like this:
1219606: 15w4d: %SEC-6-IPACCESSLOGS: list vlan40in denied 108.122.0.0 1 packet
should it do that? What's "IPACCESSLOGS" (note the "S")? Why isn't it
logging destination IP and protocol/port?
I assume that it is some weird side effect of the machine in question
originating IPs with 127.0.0.<x> source addresses, but it is weird anyhow.
The router logging this is a Cat5k RSM, IOS 12.0(21a).
gert
-- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany gert@greenie.muc.de fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:11:58 EDT