Table of Contents
Advertisement
L-10 Log Descriptions
Chart L-6 Access Logs
LOG MESSAGE
Router sent blocked
web site message
Triangle route
packet forwarded
Firewall sent TCP
packet in response
to DoS attack
Firewall sent TCP
reset packets
Packet without a
NAT table entry
blocked
Out of order TCP
handshake packet
blocked
Drop
unsupported/out-of-
order ICMP
Router sent ICMP
response packet
(type:%d, code:%d)
Chart L-7 ACL Setting Notes
ACL SET
DIRECTION
NUMBER
LAN to WAN
1
317517-A Rev 00
A message was sent to notify a user that the router blocked access to
a requested web site
The firewall allowed a triangle route session to pass through.
The firewall detected a DoS attack and sent a TCP packet(s) in
response.
The firewall sent out TCP reset packets.
The router blocked a packet that did not have a corresponding
SUA/NAT table entry.
The router blocked a TCP handshake packet that came out of the
proper order
The Contivity 221 generates this log after it drops an ICMP packet
due to one of the following two reasons:
1. The Contivity 221 does not support the ICMP packet's protocol.
2. The ICMP packet is an echo reply for which there was no
corresponding echo request.
The router sent an ICMP response packet. This packet automatically
bypasses the firewall. See the section on ICMP messages for type
and code details.
ACL set 1 for packets traveling from the LAN to the WAN.
DESCRIPTION
DESCRIPTION
Advertisement
Table of Contents
