Firewall Wizards mailing list archives

pix 501 logging question


From: NI <firewall-wizards () konadogs net>
Date: Wed, 2 Mar 2005 17:27:35 -1000

Wizards,

I need some clarification on logging via syslog with a PIX-501 
running 6.3(3). 

I have an ACL called "inbound" bound to the outside interface.
When I append the following rule to "inbound", for some reason 
unsolicited traffic isn't logged:

   access-list inbound deny ip any any log 4

The other elements which permit traffic seem to work as advertised. 
For example, I have this rule to permit access to my mail servers:

   access-list inbound permit tcp any object-group mx_hosts eq smtp log 4

and connections are logged to syslog that look like this:

Mar  2 12:47:14 192.xxx.xxx.xxx Mar 02 2005 12:47:14: %PIX-4-106100: access-list inbound permitted tcp outside/205.206.xxx.xxx(27652) -> inside/66.91.xxx.xxx(25) hit-cnt 2 (300-second interval)

Any suggestions on how to properly configure the PIX to log unsolicited 
tcp/udp/icmp traffic on the outside (security0) interface?  I would like
to see PIX-4-106100 messages for the denied traffic.

Thanks,
Nate
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
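The %PIX-4-106100 message format quoted in the post is the thing a syslog consumer has to match on to tell permitted from denied hits, and a quick parser over a handful of lines is a useful check that the deny entries are actually arriving at the expected severity once the ACL is working. The following is an added example, not code from the post or from Cisco: it parses 106100 lines and summarises denied hits per destination and port. The sample lines are constructed for this example (documentation-range addresses, and a denied line modelled on the permitted one Nate quoted); the %PIX-6-302013 line is included only to show that unrelated messages are ignored.

```python
import re
from collections import Counter

# Body of a %PIX-x-106100 message, following the layout of the line quoted
# in the post:  access-list <acl> {permitted|denied} <proto>
#   <in_if>/<src>(<sport>) -> <out_if>/<dst>(<dport>) hit-cnt <n> (<interval>)
LOG_106100_RE = re.compile(
    r"%PIX-(?P<sev>\d)-106100: access-list (?P<acl>\S+) "
    r"(?P<action>permitted|denied) (?P<proto>\S+) "
    r"(?P<src_if>[^/\s]+)/(?P<src>[^\s(]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst>[^\s(]+)\((?P<dport>\d+)\) "
    r"hit-cnt (?P<hits>\d+) \((?P<interval>[^)]+)\)"
)

# Constructed sample syslog lines (not real captures). The first mirrors the
# permitted line from the post; the next two are what denied hits on the same
# ACL would look like; the last is an unrelated connection-built message.
SAMPLE_LINES = [
    "Mar  2 12:47:14 192.0.2.1 Mar 02 2005 12:47:14: %PIX-4-106100: "
    "access-list inbound permitted tcp outside/203.0.113.10(27652) -> "
    "inside/192.0.2.25(25) hit-cnt 2 (300-second interval)",
    "Mar  2 12:47:20 192.0.2.1 Mar 02 2005 12:47:20: %PIX-4-106100: "
    "access-list inbound denied tcp outside/198.51.100.7(4411) -> "
    "inside/192.0.2.25(445) hit-cnt 1 (first hit)",
    "Mar  2 12:47:31 192.0.2.1 Mar 02 2005 12:47:31: %PIX-4-106100: "
    "access-list inbound denied udp outside/198.51.100.7(53211) -> "
    "inside/192.0.2.30(1434) hit-cnt 5 (300-second interval)",
    "Mar  2 12:47:40 192.0.2.1 Mar 02 2005 12:47:40: %PIX-6-302013: "
    "Built inbound TCP connection 12345 for outside:203.0.113.10/27652 "
    "(203.0.113.10/27652) to inside:192.0.2.25/25 (192.0.2.25/25)",
]


def parse_106100(line):
    """Return a dict of the 106100 fields, or None if the line is not a 106100 message."""
    m = LOG_106100_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("sev", "sport", "dport", "hits"):
        rec[key] = int(rec[key])
    return rec


def denied_summary(lines, acl="inbound", iface="outside"):
    """Sum denied hit counts per (proto, dst, dport) for one ACL on one ingress interface.

    Only 'denied' records are counted, and hit-cnt is used rather than the
    number of lines, because the PIX aggregates hits per logging interval.
    """
    totals = Counter()
    for line in lines:
        rec = parse_106100(line)
        if rec is None or rec["action"] != "denied":
            continue
        if rec["acl"] != acl or rec["src_if"] != iface:
            continue
        totals[(rec["proto"], rec["dst"], rec["dport"])] += rec["hits"]
    return dict(totals)


def severities_seen(lines):
    """Set of syslog severities carried by the 106100 messages in `lines`.

    With 'log 4' on the ACL entries, every 106100 message should arrive at
    severity 4; anything else indicates the ACL or the logging level differs
    from what was configured.
    """
    return {rec["sev"] for rec in map(parse_106100, lines) if rec is not None}


if __name__ == "__main__":
    for key, hits in sorted(denied_summary(SAMPLE_LINES).items()):
        print("denied", key, "hits", hits)
    print("106100 severities:", severities_seen(SAMPLE_LINES))
```

Running the block on its constructed input prints the two denied destinations with their hit counts and the single severity level 4; on a real feed, point `SAMPLE_LINES` at the syslog file and confirm that denied entries appear at all before tuning the hit-count aggregation.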

