3-56 Administrator’s Handbook
•The following three fields allow you to log exceptions based on your filter policies:
•Filter Violations,
•Accepted Packets, and
•Access Attempts
See “About Filters and Filter Sets” on page
You will need to install a Syslog client daemon program on your PC and configure it to report the WAN events you specified in the Logging Configuration screen.
The following screen shows a sample syslog dump of WAN events:
May | 5 | 10:14:06 tsnext.netopia.com | Link | 1 down: PPP PAP failure |
May | 5 | 10:14:06 tsnext.netopia.com >>Issued Speech Setup Request from our DN: 5108645534 | ||
May | 5 | 10:14:06 tsnext.netopia.com | Requested Disc. from DN: 917143652500 | |
May | 5 | 10:14:06 tsnext.netopia.com | Received Clear Confirm for our DN: 5108645534 | |
May | 5 | 10:14:06 tsnext.netopia.com | Link | 1 down: Manual disconnect |
May | 5 | 10:14:06 tsnext.netopia.com >>Issued Speech Setup Request from our DN: 5108645534 | ||
May | 5 | 10:14:06 tsnext.netopia.com | Requested Disc. from DN: 917143652500 | |
May | 5 | 10:14:06 tsnext.netopia.com | Received Clear Confirm for our DN: 5108645534 | |
May | 5 | 10:14:06 tsnext.netopia.com | Link | 1 down: No answer |
May | 5 10:14:06 tsnext.netopia.com | |||
May | 5 | 10:14:06 tsnext.netopia.com >>Received Speech Setup Ind. from DN: (not supplied) | ||
May | 5 | 10:14:06 tsnext.netopia.com | Requested Connect to our DN: 5108645534 | |
May | 5 | 10:14:06 tsnext.netopia.com | ASYNC: Modem carrier detected (more) Modem | |
|
|
| reports: 26400 V34 | |
May | 5 | 10:14:06 tsnext.netopia.com >>WAN: | 56K Modem 1 activated at 115 Kbps | |
May | 5 | 10:14:06 tsnext.netopia.com | Connect Confirmed to our DN: 5108645534 | |
May | 5 | 10:14:06 tsnext.netopia.com | PPP: Channel 1 up, Answer Profile name: Default Profile | |
May | 5 | 10:14:06 tsnext.netopia.com | PPP: NCP up, session 1, Channel 1 Final (fallback) | |
|
|
| negotiated auth: Local PAP , Remote NONE | |
May | 5 10:14:06 tsnext.netopia.com | PPP: PAP we accepted remote, Channel 1 Remote name: guest | ||
May | 5 | 10:14:06 tsnext.netopia.com | PPP: MP negotiated, session 1 Remote EDO: 06 03 0 | |
|
|
| 000C5700624 0 | |
May | 5 | 10:14:06 tsnext.netopia.com | PPP: CCP negotiated, session 1, type: Ascend | |
|
|
| LZS Local mode: 1, Remote mode: 1 | |
May | 5 | 10:14:06 tsnext.netopia.com | PPP: BACP negotiated, session 1 Local MN: FFFFFF | |
|
|
| FF, Remote MN: 00000001 | |
May | 5 | 10:14:06 tsnext.netopia.com | PPP: IPCP negotiated, session 1, rem: | |
|
|
| 192.168.10.100 local: 192.168.1.1 | |
May | 5 | 10:14:06 tsnext.netopia.com >>WAN: 56K Modem 1 deactivated | ||
May | 5 | 10:14:06 tsnext.netopia.com | Received Clear Ind. from DN: 5108645534, Cause: 0 | |
May | 5 | 10:14:06 tsnext.netopia.com | Issued Clear Response to DN: 5108645534 | |
May | 5 | 10:14:06 tsnext.netopia.com | Link 1 down: Remote clearing | |
May | 5 | 10:14:06 tsnext.netopia.com | PPP: IPCP down, session 1 | |
May | 5 | 10:14:06 tsnext.netopia.com >>Received Speech Setup Ind. from DN: (not supplied) | ||
Log event dispositions
Note: Syslog must be enabled to comply with Logging requirements mentioned in The Modular Firewall Certification Criteria - Baseline Module - version 4.1 (specified by ICSA Labs).
For more information, please go to the following URL:
http://www.icsalabs.com/icsa/docs/html/communities/firewalls/pdf/4.1/baseline.pdf
