Filter
Top Products
ZyWALL 10/50 Internet Security Gateway
15-2 Logs
Table 15-1 Log Screen
FIELD DESCRIPTION EXAMPLES
No. This is the index number of the firewall log. 128
entries are available numbered from 0 to 127.
Once they are all used, the log will wrap around
and the old logs will be lost.
dd:mm:yy e.g., Jan 1 0 Time This is the time the log was recorded in this
format. You must configure menu 24.10 for real-
time; otherwise the time shown in these examples
is displayed.
hh:mm:ss e.g., 00:00:00
From and To IP addresses Packet
Information
This field lists packet information such as:
protocol and port numbers.
This field states the reason for the log; i.e., was
the rule matched, not matched, or was there an
attack. The set and rule coordinates (<X, Y>
where X=1,2; Y=00~10) follow with a simple
explanation. There are two policy sets; set 1 (X =
1) is for LAN to WAN rules and set 2 (X = 2) for
WAN to LAN rules. Y represents the rule in the
set. You can configure up to 10 rules in any set (Y
= 01 to 10). Rule number 00 is the default rule.
not match
<1,01> dest IP
This means this packet
does not match the
destination IP address in
set 1, rule 1. Other reasons
(instead of dest IP) are src
IP, dest port, src port and
protocol.
Reason
This is a log for a DoS attack attack
land, ip spoofing, icmp
echo, icmp vulnerability,
NetBIOS, smtp illegal
command, traceroute,
teardrop, or syn flood.
Chapter 10 has more
detailed discussion of what
these attacks mean.
Action This field displays whether the packet was
blocked (i.e., silently discarded), forwarded or
neither (Block, Forward or None). “None” means
that no action is dictated by this rule.
Block, Forward
or None
Click Previous Page or Next Page to view other pages in your log. Click Refresh to renew the log
screen or Clear to clear all the logs. Click Help for online HTML help on fields in this screen.
When you have finished viewing this screen, click another link to exit.