Chapter 9. Configuring Firewall/NAT Settings RX3141 User’s Manual
Figure 9.11 Sample Firewall Log
9.7.1 Log Format
Two types of log are supported by the RX3141 – system security log and firewall access control log. They are
designated by the two keywords, sys and fw respectively. The log format is best explained by
examples:
System Security Log Example:
Jan 1 00:01:22 2000 klogd: sys: TCP XMAS/NULL packet from 192.168.1.100.
Explanation:
Jan 1 00:01:22 2000 indicates the time of the attack;
klogd: sys, this attack is detected by the system security model;
TCP XMAS/NULL, the type of attack detected;
192.168.1.100, source of the attack.
Firewall Access Control Log Example:
Jan 1 00:03:11 2000 klogd: fw: OUTBOUND rule=1 allow icmp from 192.168.1.100 to 211.1.1.1 type=8 code=0 id=512
Explanation:
Jan 1 00:03:11 2000 indicates the time of the access;
klogd: fw, indicates the log is related to firewall access control;
OUTBOUND, the direction of the traffic;
rule=1, the rule that matches the IP information of the traffic;
allow, action taken by the firewall;
icmp, protocol type of the traffic;
192.168.1.100, source of the traffic;
211.1.1.1, destination of the traffic;
type=8, ICMP message type;
code=0, ICMP message code;
id=512, ICMP message ID.
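
A parser for the two record types described above, as an added example that is not part of the RX3141 manual or firmware. It assumes each record occupies one line in the log and that messages follow the shape of the manual's two examples; the function names and the last two sample lines are constructed for illustration.

```python
import re
from datetime import datetime

# Shared prefix: "<Mon D HH:MM:SS YYYY> klogd: <sys|fw>: <message>"
PREFIX = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}\s+\d{4})\s+"
    r"klogd:\s+(?P<kind>sys|fw):\s+(?P<msg>.*)$")
# Assumption: message shapes are inferred from the manual's two examples only.
SYS_MSG = re.compile(
    r"^(?P<attack>.+?) packet from (?P<src>\d{1,3}(?:\.\d{1,3}){3})\.?$")
FW_MSG = re.compile(
    r"^(?P<direction>\S+) rule=(?P<rule>\d+) (?P<action>\S+) (?P<proto>\S+)"
    r" from (?P<src>\S+) to (?P<dst>\S+)(?P<extra>.*)$")

def parse_line(line):
    """Return a dict for one log line, or None if it is not a sys/fw record."""
    m = PREFIX.match(line.strip())
    if not m:
        return None
    rec = {"time": datetime.strptime(m["ts"], "%b %d %H:%M:%S %Y"),
           "kind": m["kind"]}
    body = (SYS_MSG if rec["kind"] == "sys" else FW_MSG).match(m["msg"])
    if not body:
        rec["raw"] = m["msg"]  # unknown message shape: keep it for review
        return rec
    rec.update(body.groupdict())
    if rec["kind"] == "fw":
        rec["rule"] = int(rec["rule"])
        # Trailing key=value pairs, e.g. ICMP type/code/id
        rec["extra"] = dict(kv.split("=", 1) for kv in rec["extra"].split()
                            if "=" in kv)
    return rec

def parse_log(text):
    """Parse a multi-line log, skipping lines that are not sys/fw records."""
    return [r for r in map(parse_line, text.splitlines()) if r]

# The manual's two example lines plus two constructed lines (marked).
SAMPLE_LOG = """\
Jan 1 00:01:22 2000 klogd: sys: TCP XMAS/NULL packet from 192.168.1.100.
Jan 1 00:03:11 2000 klogd: fw: OUTBOUND rule=1 allow icmp from 192.168.1.100 to 211.1.1.1 type=8 code=0 id=512
Jan 1 00:04:00 2000 klogd: sys: constructed message in an unknown shape
Jan 1 00:04:05 2000 syslogd: constructed line from another source
"""

if __name__ == "__main__":
    for record in parse_log(SAMPLE_LOG):
        print(record)
```

Records whose message does not match a known shape are returned with the message under "raw" rather than dropped, so unrecognised security events still reach review.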