Routing Logs; Lan To Wan Logs - NETGEAR FVX538 - ProSafe VPN Firewall 200 Router Reference Manual
Vpn firewall
Hide thumbs
Also See for FVX538 - ProSafe VPN Firewall 200 Router:
- Reference manual (222 pages) ,
- Reference manual (242 pages)
Table of Contents
Advertisement
Table C-18. System Logs: Invalid Packets (continued)
Message
Explanation
Recommended Action
Message
Explanation
Recommended Action
Routing Logs
This section is used to configure the logging options for each network segment like LAN-WAN for
debugging purposes. This may generate a significant volume of log messages.
LAN to WAN Logs
Table C-19. Routing Logs: LAN to WAN
Message
Explanation
Recommended Action
System Logs and Error Messages
ProSafe VPN Firewall 200 FVX538 Reference Manual
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][OUT_OF_WINDOW][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Packet not in TCP window
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][ERR_HELPER_ROUTINE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Error returned from helper routine
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Nov 29 09:19:43 [FVX538] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN
SRC=192.168.10.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0
• This packet from LAN to WAN has been allowed by the firewall.
• For other parameters, refer to
None
v1.0, March 2009
Table
C-1.
C-13
Advertisement
Table of Contents
Troubleshooting
