
Digi TransPort WR11 - Show Firewall Trace Output

Managing networks and connections Show network interface status
Digi TransPort Routers User Guide
Show firewall trace output
Using the log keyword in a firewall rule appends an entry to the firewall trace output. Typically, the
last rule, in the form block log break end, uses the log keyword to log a summary of all packets that
do not match one of the allow rules. The log keyword provides more logging flexibility; see the log
action description in Use firewall scripts.
Here is example firewall trace output from a firewall rule, showing two logged packets. Output for the
first packet is:
block log break end
----- 5-10-2009 23:12:08 ------
FW LOG Dir: IN Line: 37 Hits: 4730 IFACE: ETH 3
Source IP: 222.45.112.59 Dest IP: 217.34.133.21 ID: 256 TTL: 106 PROTO: TCP (6)
Src Port: 12200 Dst Port: 8118
block log break end
----------
----- 5-10-2009 23:13:15 ------
FW LOG Dir: IN Line: 37 Hits: 4731 IFACE: ETH 3
Source IP: 218.61.22.42 Dest IP: 217.34.133.21 ID: 35372 TTL: 136 PROTO: TCP (6)
Src Port: FTP CTL (21) Dst Port: 16794
block log break end
----------
Next is the time stamp of the blocked packet.
----- 5-10-2009 23:12:08 ------
FW LOG Dir: IN Line: 37 Hits: 4730 IFACE: ETH 3
Source IP: 222.45.112.59 Dest IP: 217.34.133.21 ID: 256 TTL: 106 PROTO: TCP (6)
Src Port: 12200 Dst Port: 8118
- Dir is the direction of the packet that was logged, either IN or OUT of the router.
- Line is the line number within the firewall rules that caused this packet to be logged.
- Hits is the number of packets that have matched this rule.
- IFACE is the interface on which the packet was logged.
- Source IP is the source IP address of the packet that was logged.
- Dest IP is the destination IP address of the packet that was logged.
- ID is the ID of the packet, taken from the packet header.
- TTL is the Time To Live value.
- PROTO is the layer 3 protocol of the logged packet.
- Src Port is the source TCP or UDP port number of the packet that was logged.
- Dst Port is the destination TCP or UDP port number of the packet that was logged.
- block log break end is the actual rule that caused the packet to be logged.
Command line

Command          Options   Action
type fwlog.txt   n/a       Displays the current firewall trace.
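An added example, not part of the Digi guide: a small Python parser that turns saved firewall trace output into one record per logged packet, using the field labels listed above. It assumes fwlog.txt is laid out like the example entries; parse_fwlog, port_number and inbound_summary are hypothetical names, and the date is kept as a string because the page does not state the day/month order.

```python
import re
from collections import Counter

# Sample input: the two entries from the example above (assumed fwlog.txt layout).
SAMPLE = """\
block log break end
----- 5-10-2009 23:12:08 ------
FW LOG Dir: IN Line: 37 Hits: 4730 IFACE: ETH 3
Source IP: 222.45.112.59 Dest IP: 217.34.133.21 ID: 256 TTL: 106 PROTO: TCP (6)
Src Port: 12200 Dst Port: 8118
block log break end
----------
----- 5-10-2009 23:13:15 ------
FW LOG Dir: IN Line: 37 Hits: 4731 IFACE: ETH 3
Source IP: 218.61.22.42 Dest IP: 217.34.133.21 ID: 35372 TTL: 136 PROTO: TCP (6)
Src Port: FTP CTL (21) Dst Port: 16794
block log break end
----------"""

STAMP = re.compile(r"^-+\s*(\d{1,2}-\d{1,2}-\d{4} \d{2}:\d{2}:\d{2})\s*-+$")
LABELS = "Dir|Line|Hits|IFACE|Source IP|Dest IP|ID|TTL|PROTO|Src Port|Dst Port"
# A value runs until the next "Label:" on the line, or to the end of the line.
FIELD = re.compile(rf"\b({LABELS}):\s*(.*?)(?=\s+(?:{LABELS}):|$)")

def parse_fwlog(text):
    """Return one dict per logged packet: timestamp, labelled fields, and the rule."""
    entries, cur = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        m = STAMP.match(line)
        if m:                                  # a timestamp line starts a new entry
            cur = {"timestamp": m.group(1)}
            entries.append(cur)
        elif cur is None or set(line) <= {"-"}:
            continue                           # text before the first entry, blank, or separator
        elif FIELD.search(line):
            cur.update(FIELD.findall(line))    # (label, value) pairs found on this line
        else:
            cur["rule"] = line                 # unlabelled line: the rule that logged the packet
    return entries

def port_number(value):
    """'8118' -> 8118; 'FTP CTL (21)' -> 21; None if the field is absent."""
    m = re.search(r"(\d+)\)?\s*$", value or "")
    return int(m.group(1)) if m else None

def inbound_summary(entries):
    """Count logged inbound packets per (source IP, destination port)."""
    return Counter((e.get("Source IP"), port_number(e.get("Dst Port")))
                   for e in entries if e.get("Dir") == "IN")
```

Sorting the inbound_summary counts shows which sources and destination ports account for most of the packets hitting the final block rule.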
