Chapter 26 Logs Screens
Table 173 Content Filtering Logs (continued)
LOG MESSAGE | DESCRIPTION |
DNS resolving failed | The ZyWALL cannot get the IP address of the external content filtering |
| via DNS query. |
Creating socket failed | The ZyWALL cannot issue a query because TCP/IP socket creation |
| failed, port:port number. |
Connecting to content | The connection to the external content filtering server failed. |
filter server fail |
|
License key is invalid | The external content filtering license key is invalid. |
For type and code details, see Table 181 on page 506.
Table 174 Attack Logs
LOG MESSAGE | DESCRIPTION |
attack [ TCP UDP IGMP | The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF attack. |
ESP GRE OSPF ] |
|
attack ICMP (type:%d, | The firewall detected an ICMP attack. |
code:%d) |
|
land [ TCP UDP IGMP | The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF land |
ESP GRE OSPF ] | attack. |
land ICMP (type:%d, | The firewall detected an ICMP land attack. |
code:%d) |
|
ip spoofing - WAN [ TCP | The firewall detected an IP spoofing attack on the WAN port. |
UDP IGMP ESP GRE |
|
OSPF ] |
|
ip spoofing - WAN ICMP | The firewall detected an ICMP IP spoofing attack on the WAN |
(type:%d, code:%d) | port. |
icmp echo : ICMP | The firewall detected an ICMP echo attack. |
(type:%d, code:%d) |
|
syn flood TCP | The firewall detected a TCP syn flood attack. |
ports scan TCP | The firewall detected a TCP port scan attack. |
teardrop TCP | The firewall detected a TCP teardrop attack. |
teardrop UDP | The firewall detected an UDP teardrop attack. |
teardrop ICMP (type:%d, | The firewall detected an ICMP teardrop attack. |
code:%d) |
|
illegal command TCP | The firewall detected a TCP illegal command attack. |
NetBIOS TCP | The firewall detected a TCP NetBIOS attack. |
ip spoofing - no routing | The firewall classified a packet with no source routing entry as an |
entry [ TCP UDP IGMP | IP spoofing attack. |
ESP GRE OSPF ] |
|
ip spoofing - no routing | The firewall classified an ICMP packet with no source routing |
entry ICMP (type:%d, | entry as an IP spoofing attack. |
code:%d) |
|
vulnerability ICMP | The firewall detected an ICMP vulnerability attack. |
(type:%d, code:%d) |
|
traceroute ICMP (type:%d, | The firewall detected an ICMP traceroute attack. |
code:%d) |
|
ports scan UDP | The firewall detected a UDP port scan attack. |
| 499 |
ZyWALL 2WG User’s Guide | |
|
|