beautypg.com

Table 112 access control logs, Table 113 tcp reset logs – ZyXEL Communications P-2302HWL-P1 Series User Manual

Page 257

background image

P-2302HW/HWL-P1 Series User’s Guide

Chapter 21 Logs

257

Too large ICMP packet has

been dropped

The device dropped an ICMP packet that was too large.

Configuration Change: PC =

0x%x, Task ID = 0x%x

The device is saving configuration changes.

Table 112 Access Control Logs

LOG MESSAGE

DESCRIPTION

Firewall default policy: [ TCP |

UDP | IGMP | ESP | GRE | OSPF ]

Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access
matched the default policy and was blocked or forwarded
according to the default policy’s setting.

Firewall rule [NOT] match:[ TCP

| UDP | IGMP | ESP | GRE | OSPF ]

,

Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access
matched (or did not match) a configured firewall rule
(denoted by its number) and was blocked or forwarded
according to the rule.

Triangle route packet forwarded:

[ TCP | UDP | IGMP | ESP | GRE |

OSPF ]

The firewall allowed a triangle route session to pass
through.

Packet without a NAT table entry

blocked: [ TCP | UDP | IGMP | ESP

| GRE | OSPF ]

The router blocked a packet that didn't have a
corresponding NAT table entry.

Router sent blocked web site

message: TCP

The router sent a message to notify a user that the router
blocked access to a web site that the user requested.

Exceed maximum sessions per host

(%d).

The device blocked a session because the host's
connections exceeded the maximum sessions per host.

Table 113 TCP Reset Logs

LOG MESSAGE

DESCRIPTION

Under SYN flood attack,

sent TCP RST

The router sent a TCP reset packet when a host was under a SYN
flood attack (the TCP incomplete count is per destination host.)

Exceed TCP MAX

incomplete, sent TCP RST

The router sent a TCP reset packet when the number of TCP
incomplete connections exceeded the user configured threshold.
(the TCP incomplete count is per destination host.)

Peer TCP state out of

order, sent TCP RST

The router sent a TCP reset packet when a TCP connection state
was out of order.Note: The firewall refers to RFC793 Figure 6 to
check the TCP state.

Table 111 System Maintenance Logs (continued)

LOG MESSAGE

DESCRIPTION

This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: