From: David Heaton (David.Heaton@citec.com.au)
Date: Thu May 15 2003 - 04:11:54 GMT-3
or
deny tcp any gt 0 any gt 0 log
deny udp any gt 0 any gt 0 log
debug ip packet <aclx> detail dump
to see the packet contents
David Heaton
www.citec.com.au, Your business solutions partner
>>> "balaji.balakrishnan" <balaji.balakrishnan@swift.com> 15/05/03 1:09:50 am >>>
Port "0" means you don't have port range configured on the access-list to log. You should try this if you want to log the ports.
access-lits 103 permit udp any range 0 65535 any range 0 65535 log
-Bala
Tim Fletcher wrote:
> If I remember correctly, "(0)" is what you get for the port when there are no ports specified on your access list. Try adding "range 0 65535" to your access list so you can see what ports are in use.
>
> -Tim Fletcher #11406
>
> At 04:23 PM 5/13/03 -0700, Deepesh Chouhan wrote:
> >Hi
> >
> >I don't think this is DHCP
> >21:54:45: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >255.255.255.255(0), 1349 packet
> >
> >>From this
> >L3-src = 0.0.0.0
> >L3-dest = 255.255.255.255
> >l4-src = 0
> >l4-dest = 0
> >incoming PPS = 1350 pkts / 4 minutes
> >
> >For DHCP l4-dest should be 67/68
> >
> >Something else is wrong ? Do you have sniffer on LAN ? Can you capture the
> >packet ?
> >
> >thanks
> >deepesh
> >
> >
> >
> >
> >
> >> -----Original Message-----
> >> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> >> Daniel Cisco Group Study
> >> Sent: Tuesday, May 13, 2003 1:19 PM
> >> To: Shahid Shafi
> >> Cc: ccielab@groupstudy.com
> >> Subject: RE: UDP broadcasts??
> >>
> >>
> >> DHCP clients looking for a DHCP server???
> >>
> >> Daniel
> >>
> >>
> >> -----Original Message-----
> >> From: Shahid Shafi [mailto:sshafi@qualcomm.com]
> >> Sent: Tuesday, 13 May 2003 10:28 PM
> >> To: ccielab@groupstudy.com
> >> Subject: FW: UDP broadcasts??
> >>
> >>
> >> -----Original Message-----
> >> From: Shahid Shafi [mailto:sshafi@qualcomm.com]
> >> Sent: Tuesday, May 13, 2003 5:25 AM
> >> To: 'cisco@groupstudy.com'
> >> Cc: 'ccie@groupstudy.com'
> >> Subject: UDP broadcasts??
> >>
> >>
> >> hi gurus,
> >>
> >> Any idea why a neighbouring router will send these packets?
> >>
> >> 21:54:45: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1349 packets
> >> 21:59:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1351 packets
> >> 22:04:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1351 packets
> >> 22:09:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1349 packets
> >> 22:14:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1352 packets
> >> 22:19:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1349 packets
> >> 22:24:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1350 packets
> >> 22:29:46: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1349 packets
> >> 22:34:47: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1! 350 packets
> >> 22:39:47: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255.
> >> 255(0), 1351 packets
> >> 22:42:26: %SEC-6-IPACCESSLOGP: list 103 permitted udp 0.0.0.0(0) ->
> >> 255.255.255
> >>
> >> TIA
> >> Shahid
> >>
> >>
> >> **********************************************************************
> >> This email and any files transmitted with it are confidential and
> >> intended solely for the use of the individual or entity to whom they
> >> are addressed. If you have received this email in error please notify
> >> the system manager.
> >> This footnote also confirms that this email message has been swept by
> >> MIMEsweeper for the presence of computer viruses.
> >> www.mimesweeper.com
> >> **********************************************************************
[GroupStudy removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:43 GMT-3