Firewall Wizards mailing list archives

RE: Problems logging deny's on Cisco Routers?

From: "Manson, Jim" <MANSO001 () dcri duke edu>
Date: Mon, 26 Apr 2004 09:21:02 -0400

You're right. Sorry. I split all of mine into the following for logging
purposes:

deny tcp any any range 0 65535 log
deny udp any any range 0 65535 log


Jim

-----Original Message-----
From: Luca Berra [mailto:bluca () comedia it] 
Sent: Friday, April 23, 2004 5:05 PM
To: firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] Problems logging deny's on Cisco Routers?

On Thu, Apr 22, 2004 at 04:21:00PM -0400, Manson, Jim wrote:

Scott,

I know this is a late post, and you may have resolved this already, but try
adding a port range:

deny ip any any range 0 65535 log


ip protocol does not have notion of ports.

L.

-- 
Luca Berra -- bluca () comedia it
        Communication Media & Services S.r.l.
 /"\
 \ /     ASCII RIBBON CAMPAIGN
  X        AGAINST HTML MAIL
 / \
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

RE: Problems logging deny's on Cisco Routers? Manson, Jim (Apr 22)
- Re: Problems logging deny's on Cisco Routers? Luca Berra (Apr 23)
- <Possible follow-ups>
- RE: Problems logging deny's on Cisco Routers? Manson, Jim (Apr 27)