Re: [Declude.JunkMail] WAY OT: Syslog entries from Cisco ACL question
-- Original Message -- From: "Rick Davidson" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Wed, 8 Dec 2004 15:17:27 -0500 >Does anyone know what traffic uses a destination and source port of 0? FYI: >From the Internet Protocols Handbook published by the Coriolis Group, >Scottsdale, AZ: The TCP and UDP port number spaces are divided into three sections: Well-known ports (0 through 1023) Registered ports (1024 through 49151) Dynamic or private ports (49152 through 65535) The first section is controlled by the IANA, and port 0 for both TCP and UDP is reserved. -- Kim W. Premuda FastWave Internet Services San Diego, CA -- --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] WAY OT: Syslog entries from Cisco ACL question
Rick, My understanding is if the packet is rejected or allowed before the port information is needed for comparison Cisco IOS will log it as port 0. Darrell Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, MRTG Integration, and Log Parsers. Rick Davidson writes: Does anyone know what traffic uses a destination and source port of 0? Or what else I should look for? This is a Novell/windows network I have something odd going on at a large branch office so I added an acl to log the inbound and outbound traffic permit ip any any log permitted tcp 10.10.0.72(0) -> 10.10.9.18(0), 1 packet permitted udp 10.10.0.98(0) -> 10.10.9.10(0), 1 packet I have ALOT of lines with many source and destination addresses, the IPs are valid for the network Thanks for any help Rick Davidson National Systems Manager North American Title Group - --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] WAY OT: Syslog entries from Cisco ACL question
Does anyone know what traffic uses a destination and source port of 0? Or what else I should look for? This is a Novell/windows network I have something odd going on at a large branch office so I added an acl to log the inbound and outbound traffic permit ip any any log permitted tcp 10.10.0.72(0) -> 10.10.9.18(0), 1 packet permitted udp 10.10.0.98(0) -> 10.10.9.10(0), 1 packet I have ALOT of lines with many source and destination addresses, the IPs are valid for the network Thanks for any help Rick Davidson National Systems Manager North American Title Group - --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.