Hi,

Depends on what you are really trying to achieve.  If you have plenty of
head room in your router you could just add stuff to an access-list and send
the list to a syslog.  Cheap nasty but a good way to solve issues.

access-list 101 permit icmp any any log
access-list 101 permit tcp any any lt 100 log
access-list 101 permit tcp any any gt 99 log
access-list 101 permit udp any any lt 100 log
access-list 101 permit udp any any gt 99 log

The trick is to put the port numbers in (lt 100 etc); this will then tell you
what address/port is talking to address/port.

If you put this at the end of an existing access-list in place of the permit
ip any any you should get what you need.

On a busy link, however, this generates heaps of information, but it is a nice
way to find what you don't want on your network.

BE AWARE OF ANY PRIVACY ISSUES THAT MIGHT ARISE DOING THIS SORT OF STUFF.

Just a thought,

Teunis,
Hobart, Tasmania
Australia

On Tuesday, August 28, 2001 at 03:03:47 PM, cisco skin wrote:

> Here's what I want to do:
> 
> Log all traffic (source/destination ip address/port #) from a specific
> subnet (our HQ) to see what's passing through our external router, and
> where they're going.
> 
> Any suggestions?
> 
> Thanks,
> Jeff
--
www.tasmail.com
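
Added example, not part of the original post or of any Cisco tooling: with the access-list from the reply in place, the syslog server receives one line per logged flow, and this Python script parses those lines and totals packets per source, protocol, destination and port for one subnet. The sample lines, the hostname, the 10.1.1.0/24 "HQ" subnet and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the format IOS emits for ACL entries ending in "log".
SAMPLE = """\
Aug 28 15:04:01 rtr1 42: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(1034) -> 192.0.2.10(80), 1 packet
Aug 28 15:04:02 rtr1 43: %SEC-6-IPACCESSLOGP: list 101 permitted udp 10.1.1.7(1025) -> 198.51.100.53(53), 1 packet
Aug 28 15:04:03 rtr1 44: %SEC-6-IPACCESSLOGDP: list 101 permitted icmp 10.1.1.5 -> 192.0.2.10 (8/0), 1 packet
Aug 28 15:09:01 rtr1 45: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(1034) -> 192.0.2.10(80), 12 packets
Aug 28 15:09:05 rtr1 46: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 172.16.9.9(4000) -> 10.1.1.5(23), 3 packets
Aug 28 15:09:06 rtr1 47: %LINK-3-UPDOWN: Interface Serial0, changed state to up
"""

# TCP/UDP entries carry ports; ICMP entries carry (type/code) instead.
PORTED = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (\S+) (permitted|denied) (\w+) "
    r"([\d.]+)\((\d+)\) -> ([\d.]+)\((\d+)\), (\d+) packets?")
ICMP = re.compile(
    r"%SEC-6-IPACCESSLOGDP: list (\S+) (permitted|denied) (icmp) "
    r"([\d.]+) -> ([\d.]+) \((\d+)/(\d+)\), (\d+) packets?")

def parse(line):
    """Return a dict for an ACL log line, or None for any other syslog line."""
    m = PORTED.search(line)
    if m:
        acl, action, proto, src, sport, dst, dport, n = m.groups()
        return {"acl": acl, "action": action, "proto": proto, "src": src,
                "sport": int(sport), "dst": dst, "dport": int(dport),
                "packets": int(n)}
    m = ICMP.search(line)
    if m:
        acl, action, proto, src, dst, _type, _code, n = m.groups()
        return {"acl": acl, "action": action, "proto": proto, "src": src,
                "sport": None, "dst": dst, "dport": None, "packets": int(n)}
    return None

def flows_from(lines, subnet, acl="101"):
    """Sum packets per (src, proto, dst, dport); repeat log lines for a flow add up."""
    net = ipaddress.ip_network(subnet)
    totals = Counter()
    for line in lines:
        rec = parse(line)
        if rec and rec["acl"] == acl and ipaddress.ip_address(rec["src"]) in net:
            totals[(rec["src"], rec["proto"], rec["dst"], rec["dport"])] += rec["packets"]
    return totals

if __name__ == "__main__":
    for flow, pkts in flows_from(SAMPLE.splitlines(), "10.1.1.0/24").most_common():
        print(pkts, flow)
```

The inbound telnet line from 172.16.9.9 and the interface up/down line are skipped, since only sources inside the chosen subnet are counted.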




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17772&t=17559