On 25 Nov 2001 at 0:42, Fatemeh Taj wrote: > Hi All, > I have a PIX 4.4 (I know it is very old, I'll upgrade > it ASAP). I get many UDP denies due to DNS response. > As I found out they cause by UDP timeout. To trace the > problem, I want to see the UDP connection duration, > and as PIX documents says it should be loged: > > ""Message %PIX-6-302006: Teardown UDP connection for > faddr IP_addr/port gaddr IP_addr/port laddr > IP_addr/port > > Explanation This is a connection-related message. > This message is logged when a UDP connection is > terminated. The duration and byte count for the > session are reported."" > > But I don't get any duration or byte counts in this > message :( The only thing I can find is just IP > addresses and ports.. > Any comments ?
That description is for v6.x of the OS. For v5 and below the description is (taken from the 5.3 notes): Explanation This is a connection-related message. This message is logged when a UDP connection is terminated. The duration and byte count for the session are reported. If the connection required authentication, the username is also reported in the last field of the message. This message is used by the PIX Firewall Manager to generate reports. As you can see there is no mention of duration or byte count. To enable these extra values you will need to install v6.0 or v6.1 of the PIX OS. Dan --- D.C. Crichton email: [EMAIL PROTECTED] Senior Systems Analyst tel: +44 (0)121 706 6000 Computer Manuals Ltd. fax: +44 (0)121 606 0477 Computer book info on the web: http://computer-manuals.co.uk/ Want to earn money? Join our affiliate network! http://computer-manuals.co.uk/affiliate/ _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
