ZyXEL Communications P-312 manual Big Picture Filtering, Firewall and NAT

Field

Description

Time

This is the time the log was recorded in this format.

mm:dd:yy

e.g., Jan 1 70

You must configure Menu 24.10 for real time;

hh:mm:ss

e.g., 00:00:00

otherwise the clock started at Jan 1 70, 00:00:00 the

last time the P312 was reset.

Packet

This field lists packet information such as protocol and

From and To IP addresses

Information

src/dest port numbers (TCP, UDP), OR protocol, type

protocol and port numbers.

and code (ICMP).

Reason

This field states the reason for the log;

not match

i.e., was the rule matched, not matched,

<1,01> dest IP

or was there an attack. The set and rule

coordinates (<X, Y> where X=1,2;

This means this packet does not match the

Y=00~10) follow with a simple

destination IP address in set 1, rule 1.

explanation. There are two policy sets;

Other reasons (instead of dest IP) are src

set 1 (X = 1) is for LAN to WAN rules and

IP, dest port, src port and protocol.

set 2 (X = 2) for WAN to LAN rules. Y

attack

represents the rule in the set. You can

configure up to 10 rules in any set (Y = 01

land

to 10). Rule number 00 is the default rule.

This is a log for a DoS attack - in this case

a land attack. Other attack types are ip

spoofing, icmp echo, icmp vulnerability,

NetBIOS, smtp illegal command,

traceroute, teardrop, or syn flood.

Action

This field displays whether the packet was blocked, forwarded or neither (block,

forward or none). None means that no action is dictated by this rule.

Introducing the Prestige Firewall

14-5