ZyXEL Communications Internet Security Gateway ZyWALL 2 Series User Manual page 595

LOG MESSAGE
Packet without a NAT
table entry blocked
Out of order TCP
handshake packet
blocked
Drop unsupported/out-
of-order ICMP
Router sent ICMP
response packet
(type:%d, code:%d)
ACL SET DIRECTION
NUMBER
1 LAN to WAN
2 WAN to LAN
7 LAN to
LAN/ZyWALL
8 WAN to
WAN/ZyWALL
TYPE CODE
0
0
Log Descriptions
Chart O-6 Access Logs
The router blocked a packet that did not have a corresponding
SUA/NAT table entry.
The router blocked a TCP handshake packet that came out of the
proper order
The ZyWALL generates this log after it drops an ICMP packet due to
one of the following two reasons:
1. The ZyWALL does not support the ICMP packet's protocol.
2. The ICMP packet is an echo reply for which there was no
corresponding echo request.
The router sent an ICMP response packet. This packet automatically
bypasses the firewall. See the section on ICMP messages for type
and code details.
Chart O-7 ACL Setting Notes
ACL set 1 for packets traveling from the LAN to the WAN.
ACL set 2 for packets traveling from the WAN to the LAN.
ACL set 7 for packets traveling from the LAN to the LAN or the
ZyWALL.
ACL set 8 for packets traveling from the WAN to the WAN or the
ZyWALL.
Chart O-8 ICMP Notes
Echo Reply
Echo reply message
ZyWALL 2 Series User's Guide
DESCRIPTION
DESCRIPTION
DESCRIPTION
O-9