Table 171. System logs: invalid packets (continued)
Message
Explanation
Recommended Action
Message
Explanation
Recommended Action
Message
Explanation
Recommended Action
Content-Filtering and Security Logs
This section describes the log messages that are generated by the content-filtering and
security mechanisms.
Web Filtering and Content-Filtering Logs
This section describes logs that are generated when the UTM filters web content.
Table 172. Content-filtering and security logs: web filtering and content filtering
Message
Explanation
Recommended Action
ProSecure Unified Threat Management (UTM) Appliance
2007 Oct 1 00:44:17 [UTM] [kernel]
[INVALID][REOPEN_CLOSE_CONN][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Attempt to reopen or close a session.
None.
2007 Oct 1 00:44:17 [UTM] [kernel]
[INVALID][OUT_OF_WINDOW][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Packet not in TCP window.
None.
2007 Oct 1 00:44:17 [UTM] [kernel]
[INVALID][ERR_HELPER_ROUTINE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Error returned from helper routine.
None.
2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
SizeLimit Block
Logs that are generated when web content is blocked because the allowed size
limit is exceeded. The message shows the date and time, protocol, domain, user,
client IP address, server IP address, URL, reason for the action, and the action that
is taken.
None.
System Logs and Error Messages
607