Chapter 21 Logs
AMG1302-T10A User’s Guide
210
Table 81 System Error Logs
LOG MESSAGE DESCRIPTION
%s exceeds the max. number
of session per host!
This attempt to create a NAT session exceeds the maximum number of
NAT session table entries allowed to be created per host.
setNetBIOSFilter: calloc
error
The router failed to allocate memory for the NetBIOS filter settings.
readNetBIOSFilter: calloc
error
The router failed to allocate memory for the NetBIOS filter settings.
WAN connection is down.
A WAN connection is down. You can access the network through this
interface.
Table 82 Access Control Logs
LOG MESSAGE DESCRIPTION
Firewall default policy: [ TCP |
UDP | IGMP | ESP | GRE | OSPF ]
<Packet Direction>
Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access matched
the default policy and was blocked or forwarded according to
the default policy’s setting.
Firewall rule [] match:[ TCP | UDP
| IGMP | ESP | GRE | OSPF ] <Packet
Direction>, <rule:%d>
Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access matched
(or did not match) a configured firewall rule (deed by its
number) and was blocked or forwarded according to the rule.
Triangle route packet forwarded: [
TCP | UDP | IGMP | ESP | GRE | OSPF
]
The firewall allowed a triangle route session to pass through.
Packet without a NAT table entry
blocked: [ TCP | UDP | IGMP | ESP |
GRE | OSPF ]
The router blocked a packet that didn't have a corresponding
NAT table entry.
Router sent blocked web site
message: TCP
The router sent a message to notify a user that the router
blocked access to a web site that the user requested.
Table 83 TCP Reset Logs
LOG MESSAGE DESCRIPTION
Under SYN flood attack,
sent TCP RST
The router sent a TCP reset packet when a host was under a SYN flood
attack (the TCP incomplete count is per destination host.)
Exceed TCP MAX incomplete,
sent TCP RST
The router sent a TCP reset packet when the number of TCP
incomplete connections exceeded the user configured threshold. (the
TCP incomplete count is per destination host.) e: Refer to TCP
Maximum Incomplete in the Firewall Attack Alerts screen.
Peer TCP state out of order,
sent TCP RST
The router sent a TCP reset packet when a TCP connection state was
out of order.e: The firewall refers to RFC793 Figure 6 to check the TCP
state.
Firewall session time out,
sent TCP RST
The router sent a TCP reset packet when a dynamic firewall session
timed out.Default timeout values:ICMP idle timeout (s): 60UDP idle
timeout (s): 60TCP connection (three way handshaking) timeout (s):
30TCP FIN-wait timeout (s): 60TCP idle (established) timeout (s):
3600
To Next Page
Loading...
