PIX: logging working badly

venancio.martinez · ‎10-17-2003

We have a Pix 515 with some rules, and when we put in one rule the logging option, all the buffer logging is working bad. It seems to be a bug. We have software 6.3(1).

TIA

mostiguy · ‎10-17-2003

What do you mean by it is working bad? Is it not showing enough data? The logging buffer is a small fixed size, so it isn't a real solution to log lots of data.

venancio.martinez · ‎10-20-2003

Working bad is because when a log is aplied on a rule, even if there is no traffic, the pdm gets slower and slower.

It doesn't depend on the amount of data, is the fact of putting log in a rule.

jlebaron · ‎10-17-2003

The buffer isnt that big...You'll probably want to log it to a syslog server

venancio.martinez · ‎10-20-2003

It is not a problem of size. We want this feature to control if a rule is being used or not. We would like to have a better way than "sh access-list" in CLI-mode.

nkhawaja · ‎10-20-2003

Hi,

So you are saying you have "log" keyword at the end of an access-list entry. And this is causing the trouble? Yes it may cause a lot of cpu resources if there is a lot of traffic on this rule. But still you need to use SYSLOG server. You also be cautious in using such a rule for logging. This is not a bug.

Thanks

Nadeem