Hello Alex: > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:cisco-nsp- > [EMAIL PROTECTED] On Behalf Of Wilkinson, Alex > Sent: Tuesday, September 23, 2008 6:07 AM > To: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] debugging all incoming traffic on an interface > > 0n Mon, Sep 22, 2008 at 06:52:21PM -0400, Jason Lixfeld wrote: > > >Attaching a access-list 100 permit ip any any log-input to the > >interface and/or subinterface via ip access-group didn't show > >anything - the interface counters > > Curious ... since I dont have the luxury to play with cisco kit all day (jack > of > trades ...) can someone please give me a quick explanation as to how creating > an > ACL on an interface helps with debugging that interface ? > > -aW > > IMPORTANT: This email remains the property of the Australian Defence > Organisation and is subject to the jurisdiction of section 70 of the CRIMES > ACT 1914. If you have received this email in error, you are requested to > contact the sender and delete the email. > AFAIK it doesn't. However, you can apply ACL's to your debug setup as a filter. The filter below would only match traffic from 192.168.1.0/24 to 192.168.2.0/24
debug ip packet 199 access-list 199 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 log Regards, Mike
PGP.sig
Description: PGP signature
_______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/