The issue that you encounter is not platform specific but is general accross IOS. If the access list does not examine ports (if the permit and deny is based solely on IP addresses) then the log entries can not report vlaues for ports. If the access list does check ports then the log can report port values.
I believe that if you add these entries to the accesss list that you will get the port values that you want:
access-list 110 deny tcp 10.0.0.0 0.255.255.255 range 1 65535 any range 1 65535
access-list 110 deny udp 10.0.0.0 0.255.255.255 range 1 65535 any range 1 65535
access-list 110 deny ip 10.0.0.0 0.255.255.255 any
set the logging level to 6(informational) and send the output to a syslog server (or increase the logging buffer and send it to the local buffer)**....however note the following:
The 6500 performance-wise is optimized for the acls to be executed from hardware (tcam programming). If you add the 'logging' keyword to the acl it will force acl processing into software. You should see logging entries and accumalation, however the performance will suffer. I may do this for testing but not as a long term solution. If feasable, a NAM module for the 6500 would be a good long-term solution. A cheaper solution than that would be just to SPAN the vlan(s) to an interface with PC running Ethereal(sniffer) and collect copies of traffic. Both NAM and SPAN have much less impact on performance than forcing acls into software.
**(if you do not get any output from the above, you can always issue a 'debug ip packet acl# detail', set the logging level to 7(debug). Just be careful in a production environment not to enable console logging or the cpu may shoot up) however before taking this step, look into control plane policing.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.