Filter
Top Products
Appendix A Log Descriptions
ZyWALL USG 100/200 Series User’s Guide
786
Table 290 IPSec Logs
LOG MESSAGE DESCRIPTION
Corrupt packet,
Inbound transform
operation fail
The device received corrupt IPsec packets and could not process
them.
Encapsulated packet
too big with length
An outgoing packet needed to be transformed but was longer than
65535.
Get inbound transform
fail
When performing inbound processing for incoming IPSEC packets and
ICMPs related to them, the engine cannot obtain the transform
context.
Get outbound transform
fail
When outgoing packet need to be transformed, the engine cannot
obtain the transform context.
Inbound transform
operation fail
After encryption or hardware accelerated processing, the hardware
accelerator dropped a packet (resource shortage, corrupt packet,
invalid MAC, and so on).
Outbound transform
operation fail
After encryption or hardware accelerated processing, the hardware
accelerator dropped a packet (e.g., resource overflow, corrupt packet,
and so on).
Packet too big with
Fragment Off
An outgoing packet needed to be transformed, but the fragment flag
was off and the packet was too big.
SPI:0x%x SEQ:0x%x
Execute transform step
fail, ret=%d
The variables represent the SPI, sequence number and the error
number. When trying to perform transforming, the engine returned an
error.
SPI:0x%x SEQ:0x%x No
rule found, Dropping
packet
The variables represent the SPI and the sequence number. The
packet did not match the tunnel policy and was dropped.
SPI:0x%x SEQ:0x%x
Packet Anti-Replay
detected
The variables represent the SPI and the sequence number. The device
received a packet again (that it had already received).
VPN connection %s was
disabled.
%s is the VPN connection name. An administrator disabled the VPN
connection.
VPN connection %s was
enabled.
%s is the VPN connection name. An administrator enabled the VPN
connection.
Due to active
connection allowed
exceeded, %s was
deleted.
%s is the VPN connection name. The number of active connections
exceeded the maximum allowed.
Table 291 Firewall Logs
LOG MESSAGE DESCRIPTION
priority:%lu, from %s
to %s, service %s, %s
1st variable is the global index of rule, 2nd is the from zone,
3rd is the to zone, 4th is the service name, 5th is ACCEPT/DROP/
REJECT.
%s:%d: in %s(): Firewall is dead, trace to %s is which file, %d is which line, %s is which
function
Firewall has been %s. %s is enabled/disabled