Friday, June 28, 2013

Access list logs output not showing port numbers

Creating a dummy access list with logging enabled and applying it on an interface is a quick and easy way to identify the types of traffic traversing the network. But it hit me that the system messages don't show the port numbers.

 *Mar 1 01:47:04.879: %SEC-6-IPACCESSLOGP: list DREAMCATCHER permitted tcp 10.1.1.3(0) -> 2.2.2.2(0), 3 packets

Dummy access list applied on the router:
ip access-list extended DREAMCATCHER
 permit ip any any log

As explained on ioshint.info - "unless a line in the IP ACL matches on the layer-4 port numbers, the router does not inspect them; the log action thus has no port number to show in the syslog printout."

I modified the access list to:
ip access-list extended DREAMCATCHER
 permit udp any gt 0 any gt 0 log
 permit tcp any gt 0 any gt 0 log

Voila! Let there be port numbers:

*Mar 1 02:09:53.403: %SEC-6-IPACCESSLOGP: list DREAMCATCHER permitted tcp 10.1.1.3(53147) -> 2.2.2.2(80), 1 packet
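
Once the ACL logs ports, the messages can be summarized per service. The following is an added example, not part of the original post: a small Python parser for the %SEC-6-IPACCESSLOGP format shown above that counts packets per protocol/destination/port and flags ACLs whose entries still log (0) for both ports. The function names and the last two sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Matches the %SEC-6-IPACCESSLOGP format of the two log lines shown in the post.
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse_line(line):
    """Return a dict for one IPACCESSLOGP message, or None if it does not match."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "count"):
        rec[key] = int(rec[key])
    # Per the explanation quoted above, (0) on both sides means the matching
    # ACL line did not test layer-4 ports, so none were logged.
    rec["ports_logged"] = not (rec["sport"] == 0 and rec["dport"] == 0)
    return rec

def summarize(lines):
    """Count packets per (proto, dst, dport); collect ACLs that log without ports."""
    services = Counter()
    blind_acls = set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # not an IPACCESSLOGP message
        if rec["ports_logged"]:
            services[(rec["proto"], rec["dst"], rec["dport"])] += rec["count"]
        else:
            blind_acls.add(rec["acl"])
    return services, blind_acls

# The first two lines are from the post; the last two are constructed samples.
SAMPLE = [
    "*Mar 1 01:47:04.879: %SEC-6-IPACCESSLOGP: list DREAMCATCHER permitted tcp 10.1.1.3(0) -> 2.2.2.2(0), 3 packets",
    "*Mar 1 02:09:53.403: %SEC-6-IPACCESSLOGP: list DREAMCATCHER permitted tcp 10.1.1.3(53147) -> 2.2.2.2(80), 1 packet",
    "*Mar 1 02:10:12.101: %SEC-6-IPACCESSLOGP: list DREAMCATCHER permitted tcp 10.1.1.3(53150) -> 2.2.2.2(80), 4 packets",
    "*Mar 1 02:10:40.517: %SEC-6-IPACCESSLOGP: list DREAMCATCHER permitted udp 10.1.1.4(49152) -> 2.2.2.2(53), 2 packets",
]

if __name__ == "__main__":
    services, blind = summarize(SAMPLE)
    for (proto, dst, dport), pkts in services.most_common():
        print(f"{proto} {dst}:{dport} {pkts} packets")
    print("ACLs logging without ports:", sorted(blind))
```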

Monday, May 20, 2013

Squeeze the Cisco flash to reclaim space

While testing some configuration on a Cisco 2600, I had to upgrade/downgrade it to match the production device. While deleting the old IOS image to make space for the new one, I noticed that the "delete" command does not remove the file from flash until I "squeeze" the flash.
"On Class A Flash file systems, you can delete individual files using the delete EXEC command and later recover these files with the undelete EXEC command. The delete command marks the files as "deleted," but the files still take up space in Flash memory. To permanently delete the files, use the squeeze EXEC command. The squeeze command removes all of the files marked "deleted" from the specified Flash memory device. These files can no longer be recovered. To erase all of the files on a Flash device, use the format EXEC command."
Router#sh flash:

System flash directory:
File  Length   Name/status
  1   19223864  c2600-ik9s-mz.123-17b.bin
  2   4941492  c2600-d-mz.121-3a.bin [deleted]
[24165484 bytes used, 8864656 available, 33030140 total]
32768K bytes of processor board System flash (Read/Write)

Router#squeeze ?
  /quiet  Squeeze without progress update
  flash:  Filesystem to be squeezed

Router#squeeze flash:
Squeeze operation may take a while. Continue? [confirm]
squeeze in progress... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Rebuild file system directory...
Squeeze of flash complete

Router#sh flash

System flash directory:
File  Length   Name/status
  1   19223864  c2600-ik9s-mz.123-17b.bin
[19223928 bytes used, 13806212 available, 33030140 total]
32768K bytes of processor board System flash (Read/Write)