[c-nsp] In your opinions, is this an IOS bug or not?

Ted Mittelstaedt tedm at toybox.placo.com
Sat Mar 5 02:23:53 EST 2005



> -----Original Message-----
> From: Luan Nguyen [mailto:luan.nguyen at mci.com]
> Sent: Friday, March 04, 2005 5:32 AM
> To: Ted Mittelstaedt; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] In your opinions, is this an IOS bug or not?
>
>
> There is a bug with http inspect in CBAC.  I could dig up the
> bug number if
> you need to.  But just get rid of that line and let tcp does
> the inspect and
> you should be fine :)
>

Luan, if you can't be bothered to read the post please don't waste time
replying to it.  Please reread the following:

" So, I pull the inspection statement covering http from
their router.  voila - instantly they are now getting the 3MB.  This
lasts
for about 8 hours and then its crawling again.  So, I remove every scrap
and
trace of any IOS Firewall inspection statements and reboot the router and
everything is now fine."

Was it somehow unclear that I already knew that getting rid of the line
and letting tcp do the inspect would fix the problem?

I appreciate the effort but when you don't pay attention to the post,
the old GIGO rule applies and I can't use anything you come up with.

Unfortunately, the following day after I wrote that post guess what -
the router died again.  And there were NO INSPECTION STATEMENTS
WHATSOEVER
in it.  I went ahead and put it to a non-IOS Firewall feature set, we
will see how long that lasts.

Ted



More information about the cisco-nsp mailing list