Chapter 18 Logs
Table 72 System Error Logs
LOG MESSAGE | DESCRIPTION |
%s exceeds the max. | This attempt to create a NAT session exceeds the maximum |
number of session per | number of NAT session table entries allowed to be created per |
host! | host. |
setNetBIOSFilter: calloc | The router failed to allocate memory for the NetBIOS filter |
error | settings. |
readNetBIOSFilter: calloc | The router failed to allocate memory for the NetBIOS filter |
error | settings. |
WAN connection is down. | A WAN connection is down. You cannot access the network |
| through this interface. |
Table 73 Access Control Logs
LOG MESSAGE | DESCRIPTION |
Firewall default policy: [TCP | Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access |
UDP IGMP ESP GRE OSPF] | matched the default policy and was blocked or forwarded |
<Packet Direction> | according to the default policy’s setting. |
Firewall rule [NOT] match:[TCP | Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access |
UDP IGMP ESP GRE OSPF] | matched (or did not match) a configured firewall rule |
<Packet Direction>, <rule:%d> | (denoted by its number) and was blocked or forwarded |
| according to the rule. |
Triangle route packet forwarded: | The firewall allowed a triangle route session to pass |
[TCP UDP IGMP ESP GRE | through. |
OSPF] |
|
Packet without a NAT table entry | The router blocked a packet that didn't have a |
blocked: [TCP UDP IGMP ESP | corresponding NAT table entry. |
GRE OSPF] |
|
Router sent blocked web site | The router sent a message to notify a user that the router |
message: TCP | blocked access to a web site that the user requested. |
Table 74 TCP Reset Logs
LOG MESSAGE | DESCRIPTION |
Under SYN flood attack, | The router sent a TCP reset packet when a host was under a SYN |
sent TCP RST | flood attack (the TCP incomplete count is per destination host.) |
Exceed TCP MAX | The router sent a TCP reset packet when the number of TCP |
incomplete, sent TCP RST | incomplete connections exceeded the user configured threshold. |
| (the TCP incomplete count is per destination host.) Note: Refer to |
| TCP Maximum Incomplete in the Firewall Attack Alerts screen. |
|
|
Peer TCP state out of | The router sent a TCP reset packet when a TCP connection state |
order, sent TCP RST | was out of order.Note: The firewall refers to RFC793 Figure 6 to |
| check the TCP state. |
178 |
| |
ZyXEL |
| |
|
|
|