ZyWALL 10 Internet Security Gateway
FIELD | DESCRIPTION | EXAMPLES | |
No. | This is the index number of the firewall log. 128 |
|
|
| entries are available numbered from 0 to 127. |
|
|
| Once they are all used, the log will wrap around |
|
|
| and the old logs will be lost. |
|
|
|
|
|
|
Time | This is the time the log was recorded in this | dd:mm:yy | e.g., Jan 1 0 |
| format. You must configure menu 24.10 for real- | hh:mm:ss | e.g., 00:00:00 |
| time; otherwise the time shown in these examples | ||
|
|
| |
| is displayed. |
|
|
|
|
| |
Packet | This field lists packet information such as: | From and To IP addresses | |
Information |
| protocol and port numbers. | |
|
| ||
|
|
| |
Reason | This field states the reason for the log; i.e., was | not match | |
| the rule matched, not matched, or was there an | <1,01> dest IP | |
| attack. The set and rule coordinates (<X, Y> | ||
|
|
| |
| where X=1,2; Y=00~10) follow with a simple | This means this packet | |
| explanation. There are two policy sets; set 1 (X = | does not match the | |
| 1) is for LAN to WAN rules and set 2 (X = 2) for | destination IP address in | |
| WAN to LAN rules. Y represents the rule in the | set 1, rule 1. Other reasons | |
| set. You can configure up to 10 rules in any set (Y | (instead of dest IP) are src | |
| = 01 to 10). Rule number 00 is the default rule. | IP, dest port, src port and | |
|
| protocol. | |
| This is a log is for a DoS attack |
| attack |
|
| land, ip spoofing, icmp | |
|
| echo, icmp vulnerability, | |
|
| NetBIOS, smtp illegal | |
|
| command, traceroute, | |
|
| teardrop, or syn flood. | |
|
| Section 14.1.2 and Chapter | |
|
| 13 have more detailed | |
|
| discussion of what these | |
|
| attacks mean. | |
Action | This field displays whether the packet was | Block, Forward | |
| blocked (i.e., silently discarded), forwarded or | or None | |
| neither (Block, Forward or None). “None” means | ||
|
|
| |
| that no action is dictated by this rule. |
|
|
|
|
|
|
Click Previous Page or Next Page to view other pages in your log. Click Refresh to renew the log screen or Clear to clear all the logs. Click Help for online HTML help on fields in this screen. When you have finished viewing this screen, click another link to exit.
Example Firewall Rules |