ZyXEL Communications P-2302HW-P1 Series, P-2302HWL-P1 Series manual 257

LOG MESSAGE

DESCRIPTION

LOG MESSAGE

DESCRIPTION

Firewall default policy: [ TCP

Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access

UDP IGMP ESP GRE OSPF ]

matched the default policy and was blocked or forwarded

<Packet Direction>

according to the default policy’s setting.

Firewall rule [NOT] match:[ TCP

Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access

UDP IGMP ESP GRE OSPF ]

matched (or did not match) a configured firewall rule

<Packet Direction>, <rule:%d>

(denoted by its number) and was blocked or forwarded

according to the rule.

Triangle route packet forwarded:

The firewall allowed a triangle route session to pass

[ TCP UDP IGMP ESP GRE

through.

OSPF ]

Packet without a NAT table entry

The router blocked a packet that didn't have a

blocked: [ TCP UDP IGMP ESP

corresponding NAT table entry.

GRE OSPF ]

Router sent blocked web site

The router sent a message to notify a user that the router

message: TCP

blocked access to a web site that the user requested.

Exceed maximum sessions per host

The device blocked a session because the host's

(%d).

connections exceeded the maximum sessions per host.

LOG MESSAGE

DESCRIPTION

Under SYN flood attack,

The router sent a TCP reset packet when a host was under a SYN

sent TCP RST

flood attack (the TCP incomplete count is per destination host.)

Exceed TCP MAX

The router sent a TCP reset packet when the number of TCP

incomplete, sent TCP RST

incomplete connections exceeded the user configured threshold.

(the TCP incomplete count is per destination host.)

Peer TCP state out of

The router sent a TCP reset packet when a TCP connection state

order, sent TCP RST

was out of order.Note: The firewall refers to RFC793 Figure 6 to

check the TCP state.

Chapter 21 Logs

257