[j-nsp] Filters and Logging
info at beprojects.com
info at beprojects.com
Thu Feb 24 12:08:10 EST 2005
OK, this is going to sound dumb, but I can't figure out where my J2300
is logging denied packets. If I setup a filter with the following:
filter SAMPLE {
term ESTABLISH {
from {
protocol tcp;
tcp-established;
}
then accept;
}
term ICMP {
from {
protocol icmp;
icmp-type [ echo-reply unreachable time-exceeded ];
}
then accept;
}
term DENYALL {
then {
count DENYCOUNT;
log;
discard;
}
}
}
It works the way it should, but I can't find the denied packets. I
check "show firewall log" and I see a bunch of packets with A (accept),
which I am not logging, but I don't see any denied packets. Even when I
initiate traffic from the outside and I know it is being denied, it is
not being displayed. Am I looking in the wrong place, or did I forget
something?
Also, how do I stop the A packets from being logged? I didn't enable
it, so I don't know why it's there. I am running a J2300 with 7.1R1.3.
Thanks.
Peder
More information about the juniper-nsp
mailing list