Show Firewall Trace Output - Digi TransPort WR11 User Manual
Hide thumbs
Also See for TransPort WR11:
- Manual (20 pages) ,
- Installation manual (17 pages) ,
- Quick start quide (2 pages)
Table of Contents
Advertisement
Managing networks and connections
Show firewall trace output
Using the log keyword in a firewall rule appends output to the firewall trace output. Typically, the last
rule in the form block log break end uses the log keyword to log a summary of all packets not
matching one of the allow rules. The log keyword provides more logging flexibility; see the log action
description in
Use firewall
Here is example firewall trace output from a firewall rule, showing two logged packets. Output for the
first packet is:
bl ock l og br eak end
- - - - - 5- 10- 2009 23: 12: 08 - - - - - -
FW LOG Di r : I N Li ne: 37 Hi t s: 4730 I FACE: ETH 3
Sour ce I P: 222. 45. 112. 59 Dest I P: 217. 34. 133. 21 I D: 256 TTL: 106 PROTO: TCP ( 6)
Sr c Por t : 12200 Dst Por t : 8118
bl ock l og br eak end
- - - - - - - - - -
- - - - - 5- 10- 2009 23: 13: 15 - - - - - -
FW LOG Di r : I N Li ne: 37 Hi t s: 4731 I FACE: ETH 3
Sour ce I P: 218. 61. 22. 42 Dest I P: 217. 34. 133. 21 I D: 35372 TTL: 136 PROTO: TCP ( 6)
Sr c Por t : FTP CTL ( 21) Dst Por t : 16794
bl ock l og br eak end
- - - - - - - - - -
Next is the time stamp of the blocked packet.
- - - - - 5- 10- 2009 23: 12: 08 - - - - - -
FW LOG Di r : I N Li ne: 37 Hi t s: 4730 I FACE: ETH 3
Sour ce I P: 222. 45. 112. 59 Dest I P: 217. 34. 133. 21 I D: 256 TTL: 106 PROTO: TCP ( 6)
Sr c Por t : 12200 Dst Por t : 8118
Dir is the direction of the packet that was logged, either IN or OUT of the router.
n
Line is the line number within the firewall rules that caused this packet to be logged.
n
Hits is the number of packets that have matched this rule.
n
IFACE is the interface which the packet was logged on.
n
Source IP is the source IP address of the packet that was logged.
n
Dest IP is the destination IP address of the packet that was logged.
n
ID is the ID of the packet, this is taken from the packet header.
n
TTL is the Time To Live value.
n
PROTO is the layer 3 protocol of the logged packet.
n
Src Port is the source TCP or UDP port number of the packet that was logged.
n
Dst Port is the destination TCP or UDP port number of the packet that was logged.
n
block log break end is the actual rule that caused the packet to be logged.
n
Command line
Command
type fwlog.txt
Digi TransPort® Routers User Guide
scripts.
Options
Action
n/a
Displays the current firewall trace.
Show network interface status
864
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
