System Logs and Error Messages
436
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
DMZ to LAN Logs
WAN to DMZ Logs
Other Event Logs
• Session Limit Logs
• Source MAC Filter Logs
• Bandwidth Limit Logs
This section describes the log messages genera
ted by other events such source MAC
filtering, session limiting, and bandwidth limiting. For information about how to select these
logs, see Configure Logging, Alerts, and Event Notifications on page 353.
Session Limit Logs
Table 136. Routing logs: DMZ to WAN
Message Nov 29 09:44:06 [SRX5308] [kernel] DMZ2LAN[DROP] IN=DMZ OUT=LAN SRC=
192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
Explanation • This packet from DMZ to LAN has been dropped by the firewall.
• For other settings, see Table 105 on
page 420.
Recommended action None
Table 137. Routing logs: WAN to DMZ
Message Nov 29 09:19:43 [SRX5308] [kernel] WAN2DMZ[ACCEPT] IN=WAN OUT=DMZ
SRC=192.168.1.214 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0
Explanation • This packet from WAN to DMZ has been allowed by the firewall.
• For other settings, see Table 105 on
page 420.
Recommended action None
Table 138. Other event logs: session limit logs
Message 2000 Jan 1 06:53:33 [SRX5308] [kernel] SESS_LIMIT[DROP] IN=LAN OUT=WAN
SRC=192.168.11.2 DST=20.0.0.1 PROTO=TCP SPT=50709 DPT=21
Explanation When two FTP sessions are established from the same LAN host at IP address
192.168.11.2 and a session limit (SESS_LIMIT) is set as 1, the FTP packets from
the second session are dropped.
Recommended action Change the session limit to 2 to prevent packets from being dropped.