[fwAnalog] fwanalog-0.6.2 and PIX (6.2.1)

From: Mike Hogsett (hogsett~AT~csl.sri.com)
Date: Wed Jan 29 2003 - 01:21:26 CET



Analog does not appear to be parsing my PIX log properly.

My logs consists primarily of message such as the following :

Jan 28 02:04:30 pix-inside %PIX-3-106010: Deny inbound tcp src outside:67.200.184.237/1262 dst inside:10.107.96.170/80 
Jan 28 02:01:08 pix-inside %PIX-3-106010: Deny inbound udp src outside:216.143.1.229/1321 dst inside:10.107.96.213/1434 
Jan 28 06:17:47 pix-inside %PIX-3-106010: Deny inbound icmp src outside:80.181.210.80 dst inside:10.107.96.229 (type 8, code 0) 

Jan 28 00:21:50 pix-inside %PIX-3-106011: Deny inbound (No xlate) tcp src outside:217.228.221.121/1233 dst outside:10.47.243.45/80 
Jan 28 00:29:03 pix-inside %PIX-3-106011: Deny inbound (No xlate) udp src outside:219.165.208.135/45837 dst outside:10.47.243.81/137 Jan 28 07:49:32 pix-inside %PIX-3-106011: Deny inbound (No xlate) icmp src outside:217.226.107.93 dst outside:10.47.243.211 (type 8, code 0)
Jan 28 00:01:38 pix-inside %PIX-4-106023: Deny tcp src outside:213.22.40.190/1381 dst inside:10.107.8.6/445 by access-group "ACL-FROM-OUTSIDE" 
Jan 28 00:01:38 pix-inside %PIX-4-106023: Deny udp src outside:24.200.88.234/1025 dst inside:10.107.31.183/137 by access-group "ACL-FROM-OUTSIDE"
Jan 28 00:41:42 pix-inside %PIX-4-106023: Deny icmp src outside:128.9.160.165 dst inside:10.107.19.103 (type 8, code 0) by access-group "ACL-FROM-OUTSIDE" 
Jan 28 01:48:01 pix-inside %PIX-4-106023: Deny protocol 4 src outside:131.119.0.197 dst inside:10.107.16.135 by access-group "ACL-FROM-OUTSIDE" 



This archive was generated by hypermail 2.1.5 : Sat Feb 01 2003 - 16:02:02 CET