11-13-2002 05:55 AM - edited 03-02-2019 02:50 AM
Hi everybody
Who can explain the difference between IPACCESSLOGP, IPACCESSLOGDP and IPACCESSLOGNP. This messages are displayed when the log option in an ACL is enabled.
Thanks
Roland
11-14-2002 09:27 AM
Roland,
The following are the meaning to these SEC logs.
IP security error messages
Error Message
%SEC-6-IPACCESSLOGDP: list [chars] [chars] [chars] [int] [chars]- [int]
([dec]/[dec]), [dec] packet[chars]
Explanation A packet matching the log criteria for the given access list was
detected.
Recommended Action No action is required.
Error Message
%SEC-6-IPACCESSLOGNP: list [chars] [chars] [dec] [int] [chars]- [int], [dec]
packet[chars]
Explanation A packet matching the log criteria for the given access list was
detected.
Recommended Action No action is required.
Error Message
%SEC-6-IPACCESSLOGP: list [chars] [chars] [chars] [int]([dec]) [chars]-
[int]([dec]), [dec] packet[chars]
Explanation A packet matching the log criteria for the given access list was
detected.
Recommended Action No action is required.
Please see the following URL (Sec Error Messages) for more information:
Hope this helps,
Don
11-18-2002 10:37 AM
Hi Don
thanks for your information I really do apreciated.
Roland
11-14-2002 10:25 AM
I have not found any direct information but I would believe that looking at the log message that each entry is for a "type" of protocol. Either udp, tcp, icmp and nonspecific protocol:
(ICMP)
IPACCESSLOGDP: list 102 permitted icmp 194.159.102.1 -> 148.81.4.16 (3/3),
TCP/UDP:
IPACCESSLOGP: list 102 permitted tcp 149.156.96.9(40040) ->
Nonspecific protocol (neither tcp/udp/icmp etc)
IPACCESSLOGNP: list 102 permitted 4 193.59.0.12 -> 148.81.58.1, 1
==DMT>
12-19-2013 11:58 AM
I know this post is old but I was looking for this information and found the following link that explains the different log message identifiers. Hopefully if someone else is looking this will help.
http://www.cisco.com/web/about/security/intelligence/acl-logging.html
Identifier | IPv4 or IPv6 | Applicable Protocols |
---|---|---|
%SEC-6-IPACCESSLOGP | IPv4 | TCP (6) and UDP (17) |
%SEC-6-IPACCESSLOGSP | IPv4 | IGMP (2) |
%SEC-6-IPACCESSLOGRP | IPv4 | IPinIP (4), GRE (47), EIGRP (88), OSPF (89), NOSIP (94), and PIM (103) |
%SEC-6-IPACCESSLOGDP | IPv4 | ICMP (1) |
%SEC-6-IPACCESSLOGNP | IPv4 | Used for all other IPv4 protocols |
%IPV6-6-ACCESSLOGP | IPv6 | TCP (6), UDP (17), and SCTP (132) |
%IPV6-6-ACCESSLOGSP | IPv6 | TCP (6), UDP (17), SCTP (132), and ICMPv6 (58) with unknown Layer 4 information |
%IPV6-6-ACCESSLOGDP | IPv6 | ICMPv6 (58) |
%IPV6-6-ACCESSLOGNP | IPv6 | Used for all other IPv6 protocols |
12-22-2013 01:07 PM
This is an interesting and helpful chart. Thank you for posting it. and +5 for the good post.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: