02-03-2003 04:06 AM - edited 02-20-2020 10:32 PM
Hi.
How can i implement connection tracking acl on pix firewall?
Like cisco ios "access-list permit ip any any gt 1024 established".
Thanks.
02-03-2003 10:40 AM
The PIX does this much better than a router and you do not even need an ACL entry. Make sure you are logging the following syslog messages:
302013 - Built TCP connection
302014 - Teardown TCP connection
302015 - Built UDP connection
302016 - Teardown UDP connection
For details,
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/syslog/pixemsgs.htm
I wrote a perl script that is capable of quickly summarizing information gathered by these messages. I could send it to you if you like.
Kevin
02-04-2003 11:08 AM
I would like a copy of the script, please! Can you post it here? Thanks!
02-04-2003 12:32 PM
The script did not transfer well into the message box. I can email to you if you like?
Kevin
02-04-2003 01:58 PM
02-11-2003 03:00 PM
02-05-2003 11:33 PM
Ok thanks, send me at
02-05-2003 11:38 PM
And i cannot implenet nothing to do connection tracking???
02-06-2003 06:46 AM
Kevin, could you also send me the script! i have beenlooking for something like that (didn't want to reinvent the wheel)
thanks!
02-06-2003 09:30 AM
Kevin, I'd love a copy of the script as well. matthew.richard@cocc.com.
If anyone is interested I have also written a perl script that shows all unusual messages as well as summaries of all denied packets. I have a version for the Pix 6.2 log files and one for IOS 12.x log files. Not sure if it is the same as Kevin's but I would be happy to share on request.
02-11-2003 08:17 AM
Kevin, could you send the script to me @ jfanter@stlcc.edu. Thanks
Jon F.
02-11-2003 10:14 AM
02-11-2003 01:14 PM
Kevin could I get a copy of that script e-mailed to me also..
robert.mcclain@lendersservice.com
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide