Prestige 652 ADSL Security Router

An “End of Log” message displays for each mail in which a complete log has been sent. The following is an example of a log sent by e-mail.

Table 10-1 View Firewall Log

| FIELD | DESCRIPTION | EXAMPLES |
|---|---|---|
| # | This is the index number of the firewall log. 128 entries are available numbered from 0 to 127. Once they are all used, the log wraps around and the old logs are lost. | 23 |
| Time | This is the time the log was recorded in this format. You must configure menu 24.10 for real time; otherwise the clock will start at 2000/01/01 00:00:00 the last time the Prestige was reset. | mm:dd:yy e.g., Jan 1 00; hh:mm:ss e.g., 00:00:00 |
| Packet Information | This field lists packet information such as protocol and src/dest port numbers (TCP, UDP), or protocol, type and code (ICMP). | From and To IP addresses; Protocol and port numbers |
| Reason | This field states the reason for the log; i.e., was the rule matched, did not match or was there an attack. The set and rule coordinates (<X, Y> where X=1,2; Y=00~10) follow with a simple explanation. There are two policy sets; set 1 (X = 1) is for LAN to WAN rules and set 2 (X = 2) for WAN to LAN rules. Y represents the rule in the set. You can configure up to 10 rules in any set (Y = 01 to 10). Rule number 00 is the default rule. | not match <1,01> dest IP. This means this packet does not match the destination IP address in set 1, rule 1. Other reasons (instead of dest IP) are src IP, dest port, src port and protocol. |
| | This is a log for a DoS attack. | attack: land, ip spoofing, icmp echo, icmp vulnerability, NetBIOS, smtp illegal command, traceroute, teardrop or syn flood |
| Action | This field displays whether the packet was blocked or forwarded. None means that no action is dictated by this rule. | block, forward or none |

After viewing the firewall log, enter “y” to clear the log or “n” to retain it. With either option you will be returned to Menu 21 - Filter and Firewall Setup.
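The Reason field described in Table 10-1 can be decoded mechanically when reviewing saved or e-mailed logs. The following Python sketch is an added example, not part of the Prestige documentation or firmware: it assumes the field reads "<verdict> <X,Y> <criterion>" as in the table's one example, that a matched rule is written "match", and that attack entries read "attack <name>"; the sample values are constructed.

```python
import re
from collections import Counter

# From Table 10-1: set 1 holds LAN to WAN rules, set 2 holds WAN to LAN rules.
POLICY_SETS = {1: "LAN to WAN", 2: "WAN to LAN"}
CRITERIA = {"dest IP", "src IP", "dest port", "src port", "protocol"}
ATTACKS = {"land", "ip spoofing", "icmp echo", "icmp vulnerability", "netbios",
           "smtp illegal command", "traceroute", "teardrop", "syn flood"}

# Assumed layout "<verdict> <X,Y> <criterion>", modelled on the table's one
# example; the literal "match" for a matched rule is an assumption.
RULE_RE = re.compile(r"^(not match|match)\s*<\s*(\d)\s*,\s*(\d{2})\s*>\s*(.*)$")

def parse_reason(reason):
    """Decode one Reason field into a dict; raise ValueError if malformed."""
    text = reason.strip()
    m = RULE_RE.match(text)
    if m:
        verdict, x, y = m.group(1), int(m.group(2)), int(m.group(3))
        criterion = m.group(4).strip()
        if x not in POLICY_SETS or y > 10:
            raise ValueError(f"coordinates out of range: {text!r}")
        return {"kind": "rule", "matched": verdict == "match",
                "direction": POLICY_SETS[x], "rule": y,
                "default_rule": y == 0,  # rule 00 is the default rule
                "criterion": criterion if criterion in CRITERIA else None}
    if text.lower().startswith("attack"):
        # Assumed layout "attack <name>"; names are the table's DoS list.
        name = text[len("attack"):].strip(" :").lower()
        return {"kind": "attack", "attack": name if name in ATTACKS else "unknown"}
    raise ValueError(f"unrecognised Reason field: {text!r}")

def summarize(reasons):
    """Count attacks by name and rule entries by direction, rule and verdict."""
    counts = Counter()
    for r in reasons:
        p = parse_reason(r)
        if p["kind"] == "attack":
            counts["attack: " + p["attack"]] += 1
        else:
            verdict = "match" if p["matched"] else "not match"
            counts[f"{p['direction']} rule {p['rule']:02d} {verdict}"] += 1
    return counts

# Constructed sample values, not taken from a real Prestige log.
SAMPLE = ["not match <1,01> dest IP", "not match <2,00> src port",
          "attack syn flood", "attack land", "attack syn flood"]

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, key)
```

Because only 128 entries are kept before the log wraps, a tally like this is only as complete as the most recent export.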

Introducing the Prestige Firewall
