beautypg.com

ZyXEL Communications ADSL VoIP IAD with 802.11g Wireless 2602HW Series User Manual

Page 497

background image

Prestige 2602HW Series User’s Guide

497

For type and code details, see

Table 190 on page 501

.

Table 180 TCP Reset Logs

LOG MESSAGE

DESCRIPTION

Under SYN flood attack,
sent TCP RST

The router sent a TCP reset packet when a host was under a SYN

flood attack (the TCP incomplete count is per destination host.)

Exceed TCP MAX
incomplete, sent TCP RST

The router sent a TCP reset packet when the number of TCP

incomplete connections exceeded the user configured threshold.

(the TCP incomplete count is per destination host.) Note: Refer to

TCP Maximum Incomplete in the Firewall Attack Alerts screen.

Peer TCP state out of
order, sent TCP RST

The router sent a TCP reset packet when a TCP connection state

was out of order.Note: The firewall refers to RFC793 Figure 6 to

check the TCP state.

Firewall session time
out, sent TCP RST

The router sent a TCP reset packet when a dynamic firewall

session timed out.Default timeout values:ICMP idle timeout (s):

60UDP idle timeout (s): 60TCP connection (three way

handshaking) timeout (s): 30TCP FIN-wait timeout (s): 60TCP idle

(established) timeout (s): 3600

Exceed MAX incomplete,
sent TCP RST

The router sent a TCP reset packet when the number of

incomplete connections (TCP and UDP) exceeded the user-

configured threshold. (Incomplete count is for all TCP and UDP

connections through the firewall.)Note: When the number of

incomplete connections (TCP + UDP) > “Maximum Incomplete

High”, the router sends TCP RST packets for TCP connections

and destroys TOS (firewall dynamic sessions) until incomplete

connections < “Maximum Incomplete Low”.

Access block, sent TCP
RST

The router sends a TCP RST packet and generates this log if you

turn on the firewall TCP reset mechanism (via CI command: "sys

firewall tcprst").

Table 181 Packet Filter Logs

LOG MESSAGE

DESCRIPTION

[ TCP | UDP | ICMP | IGMP |
Generic ] packet filter
matched (set: %d, rule: %d)

Attempted access matched a configured filter rule (denoted by

its set and rule number) and was blocked or forwarded

according to the rule.

Table 182 ICMP Logs

LOG MESSAGE

DESCRIPTION

Firewall default policy: ICMP
, ,

ICMP access matched the default policy and was blocked

or forwarded according to the user's setting.

Firewall rule [NOT] match: ICMP
, ,
,

ICMP access matched (or didn’t match) a firewall rule

(denoted by its number) and was blocked or forwarded

according to the rule.