FVS338 ProSafe VPN Firewall 50 Reference Manual

Table B-18. System Logs: Invalid Packets (continued)

Recommended Action

1.

Invalid packets are dropped.

 

 

2.

Use this command to enable dropping and logging of the invalid packets:

 

 

fw/rules/attackChecks/configure dropInvalid

1

 

 

To allow invalid packet and disable logging:

 

 

 

fw/rules/attackChecks/configure dropInvalid

0

 

 

 

Message

2007 Oct 1 00:44:17 [FVX538] [kernel]

 

 

[INVALID][BAD_HW_CHECKSUM][DROP] SRC=192.168.20.10

 

DST=192.168.20.2 PROTO=ICMP TYPE=3 CODE=0

Explanation

Bad Hardware Checksum for ICMP packets

 

 

 

 

 

Recommended Action

1.

Invalid packets are dropped.

 

 

2.

Use this command to enable dropping and logging of the invalid packets:

 

 

fw/rules/attackChecks/configure dropInvalid

1

 

 

To allow invalid packet and disable logging:

 

 

 

fw/rules/attackChecks/configure dropInvalid

0

 

 

Message

[INVALID][MALFORMED_PACKET][DROP] SRC=192.168.20.10

 

DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899

 

 

 

Explanation

Malformed packet

 

 

 

 

 

Recommended Action

1.

Invalid packets are dropped.

 

 

2.

Use this command to enable dropping and logging of the invalid packets:

 

 

fw/rules/attackChecks/configure dropInvalid

1

 

 

To allow invalid packet and disable logging:

 

 

 

fw/rules/attackChecks/configure dropInvalid

0

 

 

 

Message

2007 Oct 1 00:44:17 [FVX538] [kernel]

 

 

[INVALID][SHORT_PACKET][DROP] SRC=192.168.20.10

 

DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899

 

 

 

Explanation

Short packet

 

 

 

 

 

Recommended Action

1.

Invalid packets are dropped.

 

 

2.

Use this command to enable dropping and logging of the invalid packets:

 

 

fw/rules/attackChecks/configure dropInvalid

1

 

 

To allow invalid packet and disable logging:

 

 

 

fw/rules/attackChecks/configure dropInvalid

0

 

 

Message

[INVALID][ INVALID_STATE][DROP] SRC=192.168.20.10

 

DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899

 

 

 

Explanation

Packet with Invalid State

 

 

 

 

 

Recommended Action

1.

Invalid packets are dropped.

 

 

2.

Use this command to enable dropping and logging of the invalid packets:

 

 

fw/rules/attackChecks/configure dropInvalid

1

 

 

To allow invalid packet and disable logging:

 

 

 

fw/rules/attackChecks/configure dropInvalid

0

 

 

 

 

System Logs and Error Messages

B-13

v1.0, March 2008

Page 184 Page 186
Page 185
Image 185
NETGEAR FVS338 manual Invalidbadhwchecksumdrop SRC=192.168.20.10
Page 184 Page 186
Top Page Image Contents