From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QCmtJ-0004Xj-3N for garchives@archives.gentoo.org; Thu, 21 Apr 2011 05:57:25 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 02EA21C040; Thu, 21 Apr 2011 05:56:01 +0000 (UTC) Received: from mail-wy0-f181.google.com (mail-wy0-f181.google.com [74.125.82.181]) by pigeon.gentoo.org (Postfix) with ESMTP id AD8891C040 for ; Thu, 21 Apr 2011 05:56:01 +0000 (UTC) Received: by wyi11 with SMTP id 11so1575824wyi.40 for ; Wed, 20 Apr 2011 22:56:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:reply-to:to:subject:date:user-agent :references:in-reply-to:mime-version:content-type :content-transfer-encoding:message-id; bh=y2lBRXzEbS9YSs1LTmTUINlzsUUNX2SkIKj+oIidrwI=; b=D8/WZ4D6uabxE2ELGc83bjzjArv2hzWmtg5Fauxshlhjen+jflqtThzw+/xj+TaTJY mJ4I+v2Oq56nFEtFNPlFAoIOSWJIe1MTeicb9ANWPWEYQU8MDPw1Zn6oVRDtGSe8gEJO j/0IVOU/cWqxpRAPfhYUNJm3KQ/GlEGweihiQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:reply-to:to:subject:date:user-agent:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; b=eT+AGBFfZ2XaQIWg7r6VBI/Ri1BLGL6A++kFBwQ4OP7KobYxnCojdjGelDgv6C9ERf 1BRqAtlZfez8tlifHAKqBM4ac8fZ/WtuVJ1UUHTokzHtZIBzMZxwLEg6Hn3Q+MK3ABF5 bt9W/eMHvxEOhxQ/katMn51p9FN5itvh21YE4= Received: by 10.216.122.10 with SMTP id s10mr1641489weh.34.1303365360426; Wed, 20 Apr 2011 22:56:00 -0700 (PDT) Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa [217.169.3.230]) by mx.google.com with ESMTPS id z50sm766599weq.47.2011.04.20.22.55.22 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 20 Apr 2011 22:55:22 -0700 (PDT) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: [OT router advice] a router capable of detailed logs Date: Thu, 21 Apr 2011 06:55:41 +0100 User-Agent: KMail/1.13.5 (Linux/2.6.37-gentoo-r4; KDE/4.4.5; x86_64; ; ) References: <878vv69asl.fsf@newsguy.com> <201104190702.13482.michaelkintzios@gmail.com> <87aafk6hnk.fsf@newsguy.com> In-Reply-To: <87aafk6hnk.fsf@newsguy.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2521234.RAFvndbieX"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <201104210655.52489.michaelkintzios@gmail.com> X-Archives-Salt: X-Archives-Hash: 69c2a9a038b48c5d3b64f1c0ffb44be2 --nextPart2521234.RAFvndbieX Content-Type: Text/Plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On Wednesday 20 April 2011 16:56:15 Harry Putnam wrote: > Mick writes: > > Do you get the same condensed format when you capture the logs in your > > LAN syslog server? >=20 > I did not try that, but is there some reason to expect a difference? No, it shouldn't - after all it is the same log file that you are accessing= ,=20 but wasn't sure if the gui condensed what's reported to fit it in the scree= n. > I have channeled logs to Syslog running on gentoo with at least 2 > different routers in the past and saw no difference in the logs. >=20 > Do you notice a difference? I do not have a Cisco router to try it just now, but could you have a look = at=20 how your access lists are defined? Extended ACLs *should* show ports, as l= ong=20 as ports are used in permit/deny statements and asked to be logged; e.g. access-list 102 permit tcp host 10.10.10.2 eq 0 any eq 0 log of course IOS versions may change things, but that's how I remember it work= ed. =2D-=20 Regards, Mick --nextPart2521234.RAFvndbieX Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEABECAAYFAk2vxugACgkQVTDTR3kpaLbPPQCfZl6e351+aE2+4gbEgI8xOy8b 5icAn35NuZTiPdoC8Myf9VXOr/kG2Vfi =/ah2 -----END PGP SIGNATURE----- --nextPart2521234.RAFvndbieX--