Archive for May, 2022

Cisco ACL meaning of (8/0)

Posted: 05/30/2022 in Uncategorized
0

May 30 10:54:44.768 CEST: %FMANFP-6-IPACCESSLOGDP: SIP0: fman_fp_image: list acl-name permitted icmp 44.203.x.x -> x.x.x.x (8/0), 1 packet

meaning of (8/0)

The (8/0) and (x/0) are ICMP type and code information.

List of type codes:

    0  Echo Reply
    3  Destination Unreachable
    4  Source Quench
    5  Redirect
    8  Echo
   11  Time Exceeded
   12  Parameter Problem
   13  Timestamp
   14  Timestamp Reply
   15  Information Request
   16  Information Reply

%NAT-6-LOG_TRANSLATION GROK PATTERN

Posted: 05/23/2022 in Uncategorized
0

Source:

%NAT-6-LOG_TRANSLATION: Deleted Translation TCP 10.0.10.5:80 100.100.100.100:80 65.58.71.51:54360 65.58.71.51:54360 0

Grok pattern:

%{WORD:NAT_State} %{WORD:NAT_Type} %{WORD:NAT_Protocol} %{IPV4:NAT_Inside_local_IP}:%{BASE10NUM:NAT_Inside_local_Port} %{IPV4:NAT_Inside_global_IP}:%{BASE10NUM:NAT_Inside_global_Port} %{IPV4:NAT_Outside_local_IP}:%{BASE10NUM:NAT_Outside_local_Port} %{IPV4:NAT_Outside_global_IP}:%{BASE10NUM:NAT_Outside_global_Port}

Effect:

Send UDP packet to remote host and port

Posted: 05/13/2022 in Uncategorized
0

echo -n “hello” >/dev/udp/remotehost/8000

echo -n “hello” >/dev/udp/10.10.10.10/2222