Appendix B – System Log
273
Commonly used interfaces are:
eth0 the LAN port
eth1 the WAN/Internet port
pppX e.g. ppp0 or ppp1, a PPP session
ipsecX e.g. ipsec0, an IPSec interface
The firewall rules deny all packets arriving from the WAN port by default. There are a few
ports open to deal with traffic such as DHCP, VPN services and similar. Any traffic that
does not match the exceptions however is dropped.
There are also some specific rules to detect various attacks (smurf, teardrop, etc.).
When outbound traffic (from LAN to WAN) is blocked by custom rules configured in the
GUI, the resultant dropped packets are also logged.
The <prefix> for all these rules is varied according to their type.
Currently used prefixes for traffic arriving:
Default Deny Packet didn't match any rule, drop it
Invalid Invalid packet format detected
Smurf Smurf attack detected
Spoof Invalid IP address detected
SynFlood SynFlood attack detected
Custom Custom rule dropped outbound packet
To Next Page
Loading...
Need help?
General
