On Fri, 6 Jul 2001, MIKE DONOFRIO wrote: > Just FYI > > Using ACL's does limit the information you get to the Syslog server > compared to what you would get using Conduits. Cisco was supposed to > be working on a fix for it. On Revisions of code before 5.3.1 you > would just get Protocol XX (ie 6,17,1) and no port.. At least after > 5.3.1 you get TCP,UDP... I have contacted Cisco several times on this > issue and I get the "Next Release" responce :) Anyone know if this is > fixed in 6.0? > Is this message %PIX-4-106023 you are asking about? A 6.0(1) deny (by acl/access-group) example looks like: %PIX-4-106023: Deny tcp src intf2:7.81.50.9/2560 dst inside:62.18.9.1/22 by access-group "in_mylist" (IPs randomized to protect the guilty). This is on a PIX that does not have names on its interfaces.. I have not seen any bcast/mcast traffic on this device to see what it logs.. Now that the ACL log entries provide enough information, we can all migrate away from conduit style configs per cisco docs.. woohoo.. cheers, -- jason -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sat Jul 07 2001 - 09:50:34 PDT