Access-List Logging Rate Limit

From: nhatphuc (nhatphuc@gmail.com)
Date: Wed Jan 23 2008 - 14:56:51 ARST


Hi Group,

My router is under login attack. There are many logged messages output on the
console:

Jan 23 23:40:43 : %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp
192.248.88.10(36752) -> 0.0.0.0(22), 1 packet
Jan 23 23:40:44 : %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp
192.248.88.10(37556) -> 0.0.0.0(22), 1 packet
Jan 23 23:40:46 : %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp
192.248.88.10(37737) -> 0.0.0.0 (22), 1 packet

I've configured a rate limit for the access list like this:

ip access-list logging interval 30000
ip access-list log-update threshold 10000

But there are still many messages output. How can I slow it down? And how do
I use the access-list rate limit feature? I think the parameters I configured
are rather high, but they didn't help.

Thanks

Phuc


