From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QCmw5-0004k3-32 for garchives@archives.gentoo.org; Thu, 21 Apr 2011 06:00:17 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 196031C043; Thu, 21 Apr 2011 05:58:24 +0000 (UTC) Received: from mail-ww0-f53.google.com (mail-ww0-f53.google.com [74.125.82.53]) by pigeon.gentoo.org (Postfix) with ESMTP id BA5751C043 for ; Thu, 21 Apr 2011 05:58:23 +0000 (UTC) Received: by wwj40 with SMTP id 40so1533102wwj.10 for ; Wed, 20 Apr 2011 22:58:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:reply-to:to:subject:date:user-agent :references:in-reply-to:mime-version:content-type :content-transfer-encoding:message-id; bh=XPoG0KwFzPeYs2HQBFD23Y7vB3X6whYFfgeYbkPx2DA=; b=uv7X0wPd8ndTZX0PDFiYNhBw+l0Jp02cEkkQ2M17HK9El0xQqdoOTRjH34r5JZi+Ay a9Fe/JY7JTDutVHUrfDpDw0eWKYYyS76mFBB6ep2bF6/xKxN4AZFbxLSIwmHSAK+VSII HbQz2SdJmFhv7tn+/aXIvPArVSdx2NiyfDQCM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:reply-to:to:subject:date:user-agent:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; b=FbclYsrYecyS4jjFy1qALBHe5RaG2GZblENY/TliGuQkYHxlTWNHwuoIZQB2qhtkaD 30t8D4P9JQZIHeEDaF63y0MigwlTwDv1y/EdKK07LH7G0dnVjXmV0a9zufGYYjv8I98p e3CUDvQZJrC5kauq8AZMIgrIzPijqVX/gWYRs= Received: by 10.227.61.9 with SMTP id r9mr3118000wbh.208.1303365502860; Wed, 20 Apr 2011 22:58:22 -0700 (PDT) Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa [217.169.3.230]) by mx.google.com with ESMTPS id ed10sm964095wbb.49.2011.04.20.22.58.20 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 20 Apr 2011 22:58:21 -0700 (PDT) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: [OT router advice] a router capable of detailed logs Date: Thu, 21 Apr 2011 06:58:48 +0100 User-Agent: KMail/1.13.5 (Linux/2.6.37-gentoo-r4; KDE/4.4.5; x86_64; ; ) References: <878vv69asl.fsf@newsguy.com> <87aafk6hnk.fsf@newsguy.com> <201104210655.52489.michaelkintzios@gmail.com> In-Reply-To: <201104210655.52489.michaelkintzios@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart5560999.455ZxV2iAW"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <201104210658.50766.michaelkintzios@gmail.com> X-Archives-Salt: X-Archives-Hash: 76bf9b6a706e7b19a48ba78f04b41f10 --nextPart5560999.455ZxV2iAW Content-Type: Text/Plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On Thursday 21 April 2011 06:55:41 Mick wrote: > On Wednesday 20 April 2011 16:56:15 Harry Putnam wrote: > > Mick writes: > > > Do you get the same condensed format when you capture the logs in your > > > LAN syslog server? > >=20 > > I did not try that, but is there some reason to expect a difference? >=20 > No, it shouldn't - after all it is the same log file that you are > accessing, but wasn't sure if the gui condensed what's reported to fit it > in the screen. >=20 > > I have channeled logs to Syslog running on gentoo with at least 2 > > different routers in the past and saw no difference in the logs. > >=20 > > Do you notice a difference? >=20 > I do not have a Cisco router to try it just now, but could you have a look > at how your access lists are defined? Extended ACLs *should* show ports, > as long as ports are used in permit/deny statements and asked to be > logged; e.g. >=20 > access-list 102 permit tcp host 10.10.10.2 eq 0 any eq 0 log >=20 > of course IOS versions may change things, but that's how I remember it > worked. Ah! Here's what I found: http://blog.ioshints.info/2007/06/port-number-not-shown-in-access-list.html =2D-=20 Regards, Mick --nextPart5560999.455ZxV2iAW Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEABECAAYFAk2vx5oACgkQVTDTR3kpaLZd6QCeN1uy1qxwFq8B1KPlSsmulCE8 Z6kAoLeZ72shqtbrtRlZF6HQzH9E1xkA =UJSn -----END PGP SIGNATURE----- --nextPart5560999.455ZxV2iAW--