| 1 |
On Thursday 21 April 2011 06:55:41 Mick wrote: |
| 2 |
> On Wednesday 20 April 2011 16:56:15 Harry Putnam wrote: |
| 3 |
> > Mick <michaelkintzios@×××××.com> writes: |
| 4 |
> > > Do you get the same condensed format when you capture the logs in your |
| 5 |
> > > LAN syslog server? |
| 6 |
> > |
| 7 |
> > I did not try that, but is there some reason to expect a difference? |
| 8 |
> |
| 9 |
> No, it shouldn't - after all it is the same log file that you are |
| 10 |
> accessing, but wasn't sure if the gui condensed what's reported to fit it |
| 11 |
> in the screen. |
| 12 |
> |
| 13 |
> > I have channeled logs to Syslog running on gentoo with at least 2 |
| 14 |
> > different routers in the past and saw no difference in the logs. |
| 15 |
> > |
| 16 |
> > Do you notice a difference? |
| 17 |
> |
| 18 |
> I do not have a Cisco router to try it just now, but could you have a look |
| 19 |
> at how your access lists are defined? Extended ACLs *should* show ports, |
| 20 |
> as long as ports are used in permit/deny statements and asked to be |
| 21 |
> logged; e.g. |
| 22 |
> |
| 23 |
> access-list 102 permit tcp host 10.10.10.2 eq 0 any eq 0 log |
| 24 |
> |
| 25 |
> of course IOS versions may change things, but that's how I remember it |
| 26 |
> worked. |
| 27 |
|
| 28 |
Ah! Here's what I found: |
| 29 |
|
| 30 |
http://blog.ioshints.info/2007/06/port-number-not-shown-in-access-list.html |
| 31 |
-- |
| 32 |
Regards, |
| 33 |
Mick |
Archives