Is there a way to identify what addresses is a spammer attacking? Very much like NBAR that reports protocols accounting by interface, we need to be able to tell a list of ip addresses (or networks) an interface is reaching.
If you are trying to use your router to block the spamming you are receiving, do a show ip packet detail and pick through it to find the ports. Look at every one of your ip addresses, check them against the ones in his email server to find out which ones are spam. If you are using caching, please see bug CSCdx05705.
More on this problem... I suspect one of our users may be sending spam; we detect high volumes of traffic in protocols smtp and pop3 by the use of NBAR. Now, unless someone complains about being targets from SPAM from us, and that complain actually reaches us (cursing aloud is not enough!) I may not be aware our network is being used for spamming.
What I want is to track to which IPs this user is sending most of his traffic and then I *proactively* would contact their network admins and ask them *basically* "Do you hate me? Sorry.. it's us but it is not me!", and then have arguments to ask our user to stop his behaviour.
Is there any other way embedded in the router to achieve this?
Already we are looking into installing a sniffer and take it from there... but hoped the router had a way to do it.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...