Project

General

Profile

cisco-router.rules.diff

cisco router acl list names on newer devices - prmarino1-gmail-com -, 06/05/2007 10:49 PM

Download (817 Bytes)

View differences:

./cisco-router.rules 2007-06-05 16:38:48.322632700 -0400
25 25 

  		




  26
  26
  
    
# Cisco router support for Prelude-LML

  		




  27
  27
  
    
#LOG:Sep 23 07:30:41 gate 301270: 5d17h: %SEC-6-IPACCESSLOGP: list 101 denied tcp 1.2.3.4(1929) -> 5.6.7.8(80), 1 packet

  		




  28
  
  
    
regex=SEC-6-IPACCESSLOGP: list (\d+) denied (udp|tcp) ([\d\.]+)\((\d+)\).*-> ([\d\.]+)\((\d+)\), (\d+); \

  		




  
  28
  
    
#LOG:Jun  5 16:15:59 router1 8919: Jun  5 16:15:58.190 EDT: %SEC-6-IPACCESSLOGP: list somelist2 denied udp 10.12.7.4(42) -> 10.0.3.24(42), 1 packet

  		




  
  29
  
    
regex=SEC-6-IPACCESSLOGP: list (\w+) denied (udp|tcp) ([\d\.]+)\((\d+)\).*-> ([\d\.]+)\((\d+)\), (\d+); \

  		




  29
  30
  
    
 classification.text=Packet denied; \

  		




  30
  31
  
    
 classification.reference(0).origin=vendor-specific; \

  		




  31
  32
  
    
 classification.reference(0).meaning=cisco_id; \