Watchguard Firebox X1000 Reference Manual page 83

Reference Guide
- Avoid using dynamic NAT between your clients and your DNS
server.
- Disable the outgoing portion of the DNS proxied service and
replace it with a filtered DNS service.
firewalld[xxx] cs_server() failed (keys didn't match)
The cs_server is the process that listens for management
connections to the Firebox. There are two conditions under which
the error shown above occurs:
- Incorrectly entered passphrase
- Attempt to make two concurrent read-write connections to the
Firebox
firewalld[xxx]: cs_server() failed (response incomplete)
Firebox System Manager was unable to successfully complete a
connection to the Firebox. There are several potential causes of
this error; a common one is a very high traffic load at the time of
connection.
firewalld[] deny in eth0 68 54 24 29 www.xxx.yyy.zzz
www.xxx.yyy.zzz unknown ? (ip options)
IP options are obsolete IP parameters now used primarily for OS
fingerprinting and other types of IP stack-based probes. Most
routers strip IP options. By default, the Firebox denies them. This
feature can be modified using the Default Packet Handling dialog
box in Policy Manager.
firewalld[]: File synchronization completed
Indicates that the Management Station successfully completed the
transfer of a configuration file to the Firebox.
firewalld[] Pid xxx, died from signal 6.
A Pid is a process ID. In the Linux kernel, any new application is
assigned a process ID. In any case where a Pid dies, it is important
to determine what process was associated with the Pid number.
For instance, the Pid in a real log message may be 106. Earlier logs
could show that the HTTP Proxy was the process assigned Pid
106. In that case, this message would indicate that the HTTP-
proxy process aborted abnormally.
71