Cisco Cisco ASA 5580 Adaptive Security Appliance Leaflet
3-73
思科 ASA 系列命令参考,S 命令
第 3 章 show as-path-access-list 至 show auto-update 命令
show asp drop
- OR -
All output interfaces have been removed from the multicast entry.
Recommendation:
No action required.
- OR -
Verify that there are no longer any receivers for this group.
Syslogs:
None
----------------------------------------------------------------
Name: mcast-entry-removed
Multicast entry removed:
A packet has arrived that matches a multicast flow, but the multicast service is no
longer enabled, or was re-enabled after the flow was built.
- OR -
The multicast entry has been deleted so the flow is being cleaned up, but the packet
will be reinjected into the data path.
Recommendation:
Reenable multicast if it is disabled.
- OR -
No action required.
Syslogs:
None
----------------------------------------------------------------
Name: tcp-intercept-kill
Flow terminated by TCP Intercept:
TCP intercept would tear down a connection if this is the first SYN, a connection is
created for the SYN, and TCP intercept replied with a SYN cookie, or after seeing a valid
ACK from client, when TCP intercept sends a SYN to server, server replies with a RST.
Recommendation:
TCP intercept normally does not create a connection for first SYN, except when there
are nailed rules or the packet comes over a VPN tunnel or the next hop gateway address to
reach the client is not resolved.So for the first SYN this indicates that a connection got
created.When TCP intercept receives a RST from server, its likely the corresponding port
is closed on the server.
Syslogs:
None
----------------------------------------------------------------
Name: audit-failure
Audit failure:
A flow was freed after matching an "ip audit" signature that had reset as the
associated action.
Recommendation:
If removing the flow is not the desired outcome of matching this signature, then
remove the reset action from the "ip audit" command.
Syslogs:
None
----------------------------------------------------------------