Cisco ASA 5580 Adaptive Security Appliance Product Brochure
Cisco ASA Series Command Reference, S Commands
Chapter 3 show as-path-access-list through show auto-update Commands
show asp drop
This counter is incremented when the security appliance receives a TCP packet whose
size is smaller than the minimum allowed header length or does not conform to the received
packet length.
Recommendation:
The invalid packet could be a bogus packet sent by an attacker.
Investigate the traffic from the source identified in the following syslog.
Syslogs:
500003.
----------------------------------------------------------------
Name: invalid-udp-length
Invalid UDP Length:
This counter is incremented when the security appliance receives a UDP packet whose
size, as calculated from the fields in the header, is different from the measured size of
the packet as received from the network.
Recommendation:
The invalid packet could be a bogus packet sent by an attacker.
Syslogs:
None.
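
The two length checks described in the TCP and UDP entries above, sketched in Python as an added example; this is not Cisco's code and does not reproduce the ASA implementation. The function names, the result labels, and the reading of "measured size" as IP total length minus IP header length are assumptions of the example, and the sample packets are constructed.

```python
import struct

TCP, UDP = 6, 17

def classify(pkt: bytes) -> str:
    """Return 'ok' or a descriptive label for the failed length check.
    pkt is a raw IPv4 packet. Assumption: the "measured" transport size is
    IP total length minus IP header length; labels are this example's own.
    """
    if len(pkt) < 20:
        return "bad-ip-length"
    ihl = (pkt[0] & 0x0F) * 4
    total = struct.unpack_from("!H", pkt, 2)[0]
    if ihl < 20 or total < ihl or total > len(pkt):
        return "bad-ip-length"
    seg = pkt[ihl:total]                      # transport segment as received
    if pkt[9] == TCP:
        # Below the 20-byte minimum header, or data offset past the segment end.
        if len(seg) < 20:
            return "tcp-header-length"
        hdr_len = (seg[12] >> 4) * 4
        if hdr_len < 20 or hdr_len > len(seg):
            return "tcp-header-length"
    elif pkt[9] == UDP:
        # Length field in the UDP header must equal the measured size.
        if len(seg) < 8 or struct.unpack_from("!H", seg, 4)[0] != len(seg):
            return "udp-length"
    return "ok"

# Constructed sample packets (documentation addresses, zero checksums).
def ipv4(proto: int, payload: bytes) -> bytes:
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 1]),
                       bytes([198, 51, 100, 2])) + payload

def udp(claimed_len: int, data: bytes) -> bytes:
    return struct.pack("!HHHH", 40000, 53, claimed_len, 0) + data

def tcp(offset_words: int) -> bytes:
    return struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, offset_words << 4,
                       0x02, 1024, 0, 0)

if __name__ == "__main__":
    for name, p in [("udp good", ipv4(UDP, udp(12, b"abcd"))),
                    ("udp lying length", ipv4(UDP, udp(64, b"abcd"))),
                    ("tcp good", ipv4(TCP, tcp(5))),
                    ("tcp offset past end", ipv4(TCP, tcp(15)))]:
        print(f"{name:20} -> {classify(p)}")
```

Running the same function over packets exported from a capture for the drop reason shows which header field disagrees with the received size.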
----------------------------------------------------------------
Name: no-adjacency
No valid adjacency:
This counter is incremented when the security appliance has tried to obtain an
adjacency and could not obtain the MAC address for the next hop. The packet is dropped.
Recommendation:
Configure a capture for this drop reason and check whether a host with the specified
destination address exists on a connected network or is routable from the device.
Syslogs:
None.
----------------------------------------------------------------
Name: unexpected-packet
Unexpected packet:
This counter is incremented when the appliance in transparent mode receives a non-IP
packet, destined to its MAC address, but there is no corresponding service running on the
appliance to process the packet.
Recommendation:
Verify whether the appliance is under attack. If there are no suspicious packets, or the
device is not in transparent mode, this counter is most likely being incremented due to a
software error. Attempt to capture the traffic that is causing the counter to increment and
contact the Cisco TAC.
Syslogs:
None.
----------------------------------------------------------------
Name: no-route
No route to host:
This counter is incremented when the security appliance tries to send a packet out of
an interface and does not find a route for it in the routing table.