Cisco Cisco ASA 5510 Adaptive Security Appliance Fascicule
3-72
Cisco ASA Series 명령 참조 , S 명령
3장 show as-path-access-list through show auto-update 명령
show asp drop
----------------------------------------------------------------
Name: tcp-intercept-unexpected
TCP intercept unexpected state:
Logic error in TCP intercept module, this should never happen.
Recommendation:
Indicates memory corruption or some other logic error in the TCP intercept module.
Syslogs:
None
----------------------------------------------------------------
Name: tcpnorm-rexmit-bad
TCP bad retransmission:
This reason is given for closing a TCP flow when check-retransmission feature is
enabled and the TCP endpoint sent a retransmission with different data from the original
packet.
Recommendations:
The TCP endpoint maybe attacking by sending different data in TCP retransmits. Please
use the packet capture feature to learn more about the origin of the packet.
Syslogs:
302014
----------------------------------------------------------------
Name: tcpnorm-win-variation
TCP unexpected window size variation:
This reason is given for closing a TCP flow when window size advertised by TCP
endpoint is drastically changed without accepting that much data.
Recommendations:
In order to allow this connection, use the window-variation configuration under
tcp-map.
Syslogs:
302014
----------------------------------------------------------------
Name: tcpnorm-invalid-syn
TCP invalid SYN:
This reason is given for closing a TCP flow when the SYN packet is invalid.
Recommendations:
SYN packet could be invalid for number of reasons, like invalid checksum, invalid TCP
header. Please use the packet capture feature to understand why the SYN packet is invalid.
If you would like to allow these connection use tcp-map configurations to bypass checks.
Syslogs:
302014
----------------------------------------------------------------
Name: mcast-intrf-removed
Multicast interface removed:
An output interface has been removed from the multicast entry.
- OR -
All output interfaces have been removed from the multicast entry.
Recommendation: