Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm using the following script to pull out the source port from a syslog message generated by an ACL. The intent is to grab the destination port for use later in the script:no event manager applet REDIRECTevent manager applet REDIRECTevent syslog pa...
Here's a simple explanation. The ACL is matching the destination port for http, telnet, and rdp. So you can apply it many many places. Here are the two most common:1) Closest to the source (the default gateway/SVI for clients) in an inbound direct...
If you absolutely must use an ACL for http(tcp/80),telnet(tcp/23),rdp(tcp/3389, it would be written as follows:access-list 100 permit tcp any any eq www syn logaccess-list 100 permit tcp any any eq telnet syn logaccess-list 100 permit tcp any any eq ...
If your requirement is to determine which hosts are contacting your server on port 80, there are a couple of ways to tackle it. Since http is tcp based, you could write an ACL that would only match packets with the TCP SYN flag (0x2) set. This woul...
