Filter
Top Products
Prestige 650 series User’s Guide
12-6 Creating Custom Rules
Table 12-1 Firewall Logs
LABEL DESCRIPTION EXAMPLE
Reason This field states the reason for the log; i.e., was the rule
matched, not matched, or was there an attack. The set and
rule coordinates (<X, Y> where X=1,2; Y=00~10) follow with a
simple explanation. There are two policy sets; set 1 (X = 1) is
for LAN to WAN rules and set 2 (X = 2) for WAN to LAN rules.
Y represents the rule in the set. You can configure up to 10
rules in any set (Y = 01 to 10). Rule number 00 is the default
rule.
not match
<1,01> dest IP
This means this packet
does not match the
destination IP address in
set 1, rule 1. Other
reasons (instead of dest
IP) are src IP, dest port,
src port and protocol.
This is a log for a DoS attack. attack land, ip spoofing,
icmp echo, icmp
vulnerability, NetBIOS,
smtp illegal command,
traceroute, teardrop, or
syn flood. Chapter 10 has
more detailed discussion
of what these attacks
mean.
Action This field displays whether the packet was blocked (i.e.,
silently discarded), forwarded or neither (Block, Forward or
None). “None” means that no action is dictated by this rule.
Block, Forward or None
Back
Click Back to return to the previous screen.
Previous
Page
Click Previous Page to view more logs.
Refresh
Click Refresh to update the report display. The report also refreshes automatically when
you close and reopen the screen.
Clear
Click Clear to delete all the logs.
Next Page
Click Next Page to view more logs.
12.5 Rule Summary
The fields in the Rule Summary screens are the same for Local Network and Internet,
so the discussion below refers to both.