[nsp] prolly a well-known bug, but..

Len Rose len at netsys.com
Tue Jul 22 01:14:42 EDT 2003


Here is the access list in question, it's
an inbound port attached via 100FDX ether.

access-list 101 deny 53 any any log
access-list 101 deny 55 any any log
access-list 101 deny 77 any any log
access-list 101 deny 103 any any log
access-list 101 permit ip 1.2.2.0 0.0.0.255 any
access-list 101 permit ip 1.2.3.0 0.0.0.255 any
access-list 101 permit ip 1.2.4.0 0.0.0.255 any
access-list 101 permit ip 1.2.5.0 0.0.0.255 any
access-list 101 permit ip 1.2.6.0 0.0.0.255 any
! permit foo.com to monitor router port
access-list 101 permit icmp host 1.2.3.10 host 5.6.7.8
! block all ip to router interfaces
access-list 101 deny ip any host 5.6.7.8 log 
access-list 101 permit ip any any

I wrote:

> Can anyone tell me if this is something that's well known, for some
> reason after upgrading to 12.07 T3 (7206) an inbound acl stops reporting
> the source and destination port (setting same to 0)..

> i.e.
> 
> Jul 21 23:34:11 foo 52924: Jul 21 23:34:10: %SEC-6-IPACCESSLOGP: list 101 denied tcp 1.2.3.4(0) -> 5.6.7.8(0), 11 packets

I also tried putting these in to see if it would solve the src/dest issue,
but it didn't matter..


access-list 101 deny tcp any host 5.6.7.8 log 
access-list 101 deny udp any host 5.6.7.8 log

Thanks

Len
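
To measure how much of a router's ACL logging shows the symptom described in this post, the following added example (not part of the original message) parses %SEC-6-IPACCESSLOGP lines in the format quoted above and counts, per access list, the TCP/UDP entries logged with both ports as 0. The function names and every sample line other than the one quoted in the post are constructed for illustration.

```python
import re
from collections import Counter

# Matches the %SEC-6-IPACCESSLOGP body as it appears in the post, e.g.
#   list 101 denied tcp 1.2.3.4(0) -> 5.6.7.8(0), 11 packets
LOGP = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>tcp|udp) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse(line):
    """Return a dict for one IPACCESSLOGP line, or None for any other message."""
    m = LOGP.search(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "count"):
        rec[key] = int(rec[key])
    return rec

def portless_share(lines):
    """Per ACL: (entries logged with both ports 0, total TCP/UDP entries)."""
    zero, total = Counter(), Counter()
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # ICMP (IPACCESSLOGDP) and unrelated syslog lines
        total[rec["acl"]] += 1
        if rec["sport"] == 0 and rec["dport"] == 0:
            zero[rec["acl"]] += 1
    return {acl: (zero[acl], total[acl]) for acl in total}

# Constructed sample: the first line is the one quoted in the post,
# the remaining lines are invented for this example.
SAMPLE = [
    "Jul 21 23:34:11 foo 52924: Jul 21 23:34:10: %SEC-6-IPACCESSLOGP: list 101 denied tcp 1.2.3.4(0) -> 5.6.7.8(0), 11 packets",
    "Jul 21 23:35:02 foo 52925: Jul 21 23:35:01: %SEC-6-IPACCESSLOGP: list 101 denied udp 1.2.3.9(0) -> 5.6.7.8(0), 1 packet",
    "Jul 21 23:36:40 foo 52926: Jul 21 23:36:39: %SEC-6-IPACCESSLOGP: list 102 denied tcp 1.2.3.4(3312) -> 5.6.7.8(23), 1 packet",
    "Jul 21 23:36:41 foo 52927: Jul 21 23:36:40: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 1.2.3.10 -> 5.6.7.8 (8/0), 1 packet",
]

if __name__ == "__main__":
    for acl, (zero, total) in sorted(portless_share(SAMPLE).items()):
        print(f"list {acl}: {zero}/{total} TCP/UDP log entries carry no port numbers")
```

Running the same count over syslog collected before and after an IOS upgrade shows whether the share of port-less entries changed with the new image.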

