your acl specifies only ip, so ip is all what the acl is looking at. the ip
protocol itself has no ports, so there are no ports to look at. the sub-
protocols (hope it is correct to call them this way) udp and tcp have ports,
so the acl would look like:
access-list 101 permit tcp any gt 0 any gt 0 log-input
access-list 101 permit udp any gt 0 any gt 0 log-input
access-list 101 permit ip any any log-input
if you leave the 'gt 0' out it will not give you the ports of the packets.
probably because the router does not have to look at the port information
to decide if the acl-line matches or not.
greetings
Reinhold
--
Reinhold Fischer [EMAIL PROTECTED]
CCNP/SunCSA/HP Certified Consultant for Network Management
On Sun, 17 Sep 2000, Mohammed Hussain wrote:
> Hi
>
> I applied access-list for serial inbound to see the traffic. But logging is
> now
> showing the source & destination ports. How can I see the tcp & udp ports in
> log?
>
> access-list 101 permit ip any any log-input
>
> 2w5d: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 192.168.103.37(0) (Serial0
> *HD
> LC*) -> 192.168.100.149(0), 1 packet
> 2w5d: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 192.168.103.55(0) (Serial0
> *HD
> LC*) -> 192.168.100.158(0), 1 packet
> 2w5d: %SEC-6-IPACCESSLOGP: list 101 permitted udp 192.168.103.55(0) (Serial0
> *HD
> LC*) -> 192.168.100.158(0), 1 packet
> 2w5d: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 192.168.103.67(0) (Serial0
> *HD
> LC*) -> 192.168.100.74(0), 1 packet
>
>
> Mohammed Hussain
>
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
