FVS338 ProSafe VPN Firewall 50 Re ference Manual

B-14 System Logs and Error Messages

v1.0, March 2008

Routing Logs

This section is used to configure the logging options for each network segment like LAN-WAN for

debugging purposes. This may generate a significant volume of log messages.

Message 2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][REOPEN_CLOSE_CONN][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Attempt to re-open/close session
Recommended Action 1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Message 2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][OUT_OF_WINDOW][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Packet not in TCP window
Recommended Action 1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Message 2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][ERR_HELPER_ROUTINE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Error returned from helper routine
Recommended Action 1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Table B-18. System Logs: Invalid Packets (continued)