beautypg.com

Raw ip protocol logs, Firewall startup log – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 1340

background image

1332

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

29

Module name is DATAPLANE

Syslog Severity level is 5

Log ID is MALFORMEDIP

Log Message is Dropping IPv4Packet

Raw IP Protocol logs

The following example displays TCP without data:

Feb 07 12:16:50 2013: %DATAPLANE-4-DOSATTACK: INVALID PACKET: TCP header length less than
20 bytes : Src IP : 192.168.2.102, Dst IP: 192.168.1.104, Src Mac: 00-11-25-14-D9-E2, Dst Mac:
00-15-70-81-91-6A, Proto = 6.

Feb 07 12:16:55 2013: %DATAPLANE-5-MALFORMEDIP: Dropping IPv4 Packet from 192.168.2.102
to 192.168.1.104 Protocol Number: 6. Reason: malformed TCP header.

To generate a raw IP protocol log, logging has to be enabled.

For example, the following commands have to be executed:

rfs7000-37FABE(config-fw-policy-default)# logging verbose

rfs7000-37FABE(config-fw-policy-default)#

rfs7000-37FABE(config-fw-policy-default)# logging rawip-packet-drop all

rfs7000-37FABE(config-fw-policy-default)#

When logging verbose is enabled, the log is displayed as:

Feb 07 12:20:30 2013: %DATAPLANE-4-DOSATTACK: INVALID PACKET: TCP header length less than
20 byt es : Src IP : 192.168.0.91, Dst IP: 192.168.0.1, Src Mac: 00-16-36-05-72-2A, Dst Mac:
00-23-68-22-C8-6E, Proto = 6.

Feb 07 12:22:49 2013: %DATAPLANE-5-MALFORMEDIP: Dropping IPv4 Packet from 192.168.0.91
to 192.168.0.1 Protocol Number: 6 . Reason: malformed TCP header.

Module name is DATAPLANE

Syslog Severity level is 4

Log ID is DOSATTACK

Log Message is INVALID PACKET

Firewall startup log

The following example displays an enabled firewall. A firewall enabled message is displayed in bold.

System bootup time (via /proc/uptime) was 93.42 42.52

Please press Enter to activate this console. Feb 07 12:25:09 2013: %NSM-4-IFUP: Interface vlan2
is up

Feb 07 12:25:09 2013: KERN: vlan2: add 01:00:5e:00:00:01 mcast address to master interface.

Feb 07 12:25:09 2013: %NSM-4-IFUP: Interface vlan172 is up

Feb 07 12:25:09 2013: KERN: vlan172: add 01:00:5e:00:00:01 mcast address to master
interface.

Feb 07 12:25:09 2013: %PM-6-PROCSTART: Starting process "/usr/sbin/lighttpd"

See also other documents in the category Brocade Computer Accessories: