Security Basics mailing list archives

RE: Cisco ACL doubt


From: "Jeffery Chen" <jechen () rim com>
Date: Wed, 6 Jul 2005 09:10:35 -0400

The log-input keyword in the ACL will log any packets entering this
interface.

-----Original Message-----
From: 345345 () gmail com [mailto:345345 () gmail com] 
Sent: July 3, 2005 10:09 AM
To: security-basics () securityfocus com
Subject: Cisco ACL doubt

Hello people,

I have the following ACL attached to the external serial (ISP link) of
my Cisco 805 Router. 

access-list 102 remark Egress Filtering ACL
access-list 102 permit ip host 100.100.20.34 any
access-list 102 permit ip host 100.100.14.102 any log-input
access-list 102 deny   ip any any log-input

And I keep getting lots of log messages from the router (just like the
one here!)

2005-07-02 14:13:37     Local5.Info     192.168.0.254   12112: 012109:
*Mar  1 17:38:03.975 GMT: %SEC-6-IPACCESSLOGP: list 102 denied tcp
200.227.70.210(0) (Serial0 DLCI 100) -> 100.100.20.53(0), 1 packet


As far as I can see, those messages tell that the router has blocked an
incoming packet on Interface Serial 0. The big question is: why does the
router report this incoming packet related to ACL 102 if this ACL is
attached to the Serial 0 OUT???

interface Serial0
 ip access-group 102 out

Thanks in advance for any help.

Best regards,

Jasho Mendinka.

P.S.: in case anyone needs additional info, please contact me by e-mail,
or I can send more info if it is of common interest.





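Added example, not part of the original messages: a Python parser for the IPACCESSLOGP line quoted in the post, combined with a first-match evaluation of ACL 102 as posted. It shows that the parenthesised interface is the input interface recorded by log-input, while the deny itself comes from the last ACL entry. The regular expression and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the router message from the post, without the syslog-server prefix.
SAMPLE = ("*Mar  1 17:38:03.975 GMT: %SEC-6-IPACCESSLOGP: list 102 denied tcp "
          "200.227.70.210(0) (Serial0 DLCI 100) -> 100.100.20.53(0), 1 packet")

# ACL 102 as posted: (action, source network); every entry has destination "any".
ACL_102 = [
    ("permit", "100.100.20.34/32"),
    ("permit", "100.100.14.102/32"),
    ("deny", "0.0.0.0/0"),
]

LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)\((?P<sport>\d+)\) "
    r"(?:\((?P<input_if>[^)]*)\) )?"  # present only when the entry uses log-input
    r"-> (?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse_ipaccesslogp(line):
    """Return the fields of an IPACCESSLOGP message as a dict, or None."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    fields = m.groupdict()
    for key in ("sport", "dport", "count"):
        fields[key] = int(fields[key])
    return fields

def first_match(acl, src):
    """Index and action of the first ACL entry whose source matches src."""
    addr = ipaddress.ip_address(src)
    for index, (action, network) in enumerate(acl):
        if addr in ipaddress.ip_network(network):
            return index, action
    return None, "deny"  # implicit deny at the end of every ACL

def explain(line, acl=ACL_102):
    """One-line summary: where the packet entered and which entry decided."""
    f = parse_ipaccesslogp(line)
    index, action = first_match(acl, f["src"])
    return (f"{f['src']} arrived on {f['input_if'] or 'unknown interface'}; "
            f"ACL {f['acl']} entry {index} gives {action}")

if __name__ == "__main__":
    print(explain(SAMPLE))
```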