Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1233
Views
0
Helpful
2
Replies

Custom signature

khanj
Level 1
Level 1

‎12-16-2004 09:15 PM - edited ‎03-10-2019 01:11 AM

Hi,

I have configured an Atomic.TCP signature to log any TCP session when it establishes or resets. Attached is the signature. Please advice what`s wrong with that signature. It is not sensing TCP session despite I have configured the specified ports.

Regards

Labels:
Preview file
29 KB
0 Helpful
2 Replies 2

micballa
Level 1
Level 1

‎12-17-2004 07:45 AM

I believe the "Mask" and "TcpFlags" parameters might be causing your trouble. This signature will only fire when both the PSH and ACK flags are set. You want it set to either SYN for the client's connection, or SYN ACK for the server to detect the connection establishment. You will need another signature where you are looking for the RST flag, to detect the reset case.

0 Helpful

khanj
Level 1
Level 1
In response to micballa

‎12-17-2004 10:29 PM

Did as per your instruction but same result.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card