Motorola SBG940 manual Firewall Logs, Apply Click to apply your changes

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Firewall > LOGS Page

You can use this page to set which firewall events are logged.

Firewall > LOGS page fields

Enable Session Log Select this box to log every data session from the private LAN that was authorized by the SBG940 firewall. Usually, the session log displays a history of normal data traffic. It also lists the start of sessions the firewall terminated because:

•The policy was changed

•They were eventually determined to be an intrusion or attack To display the session log, click session.

Enable Blocking Log Select this box to log inbound and outbound packets that the SBG940 firewall:

•Does not allow to pass because they use protocols and/or ports not explicitly allowed by the active policy

•Determines to be invalid because of a session or reassembly timeout

To display the blocking log, click blocking.

Enable Intrusion Log Select this box to log attacks using common network intrusion tactics that the SBG940 firewall detects and stops.

To display the intrusion log, click intrusion.

If you enable the firewall, the blacklist log is always generated. Any IP address the firewall determines to have breached the active policy is added to the blacklist log. To view the blacklist log, click blacklist. The firewall blocks all traffic to and from a blacklisted IP address for 24 hours or until you reboot the SBG940 or manually clear the blacklist by clicking Clear on the Firewall > LOGS — blacklist page.