ZyXEL Communications 202H User Manual

Prestige 202H User’s Guide

17-2

Firewall

Logs

The following table describes the fields in this screen.

Table 17-1 Log Screen

FIELD DESCRIPTION

EXAMPLE

No.

This is the index number of the firewall log. 128
entries are available numbered from 0 to 127. Once
they are all used, the log will wrap around and the old
logs will be lost.

dd:mm:yy e.g., Jan 1 0

Time

This is the time the log was recorded in this format.
You must configure menu 24.10 for real-time;
otherwise the time shown in these examples is
displayed.

hh:mm:ss e.g.,

00:00:00

From and To IP addresses

Packet
Information

This field lists packet information such as:

protocol and port numbers.

This field states the reason for the log; i.e., was the
rule matched, not matched, or was there an attack.
The set and rule coordinates ( where X=1,2;
Y=00~10) follow with a simple explanation. There are
two policy sets; set 1 (X = 1) is for LAN to WAN rules
and set 2 (X = 2) for WAN to LAN rules. Y represents
the rule in the set. You can configure up to 10 rules in
any set (Y = 01 to 10). Rule number 00 is the default
rule.

not match

<1,01> dest IP

This means this packet

does not match the

destination IP address in

set 1, rule 1. Other reasons

(instead of dest IP) are src

IP, dest port, src port and

protocol.

Reason

This is a log for a DoS attack

attack

land, ip spoofing, icmp

echo, icmp vulnerability,

NetBIOS, smtp illegal

command, traceroute,
teardrop, or syn flood.

Action

This field displays whether the packet was blocked
(i.e., silently discarded), forwarded or neither (Block,
Forward or None). “None” means that no action is
dictated by this rule.

Block, Forward

or None

Click Back to return to the previous screen. Click Previous Page or Next Page to view other
pages in your log. Click Refresh to renew the log screen or Clear to clear all the logs. Click the
Help icon for field descriptions.