[fragid]
Fragmentation ID. Valid if the IP packet is fragmented.
ipproto
The IP Protocol.
ipdatalen
The IP data length.
[srcport]
The source port. Valid if the protocol is TCP or UDP.
[destport]
The destination port. Valid if the protocol is TCP or UDP.
[tcphdrlen]
The TCP header length. Valid if the protocol is TCP.
[udptotlen]
The total UDP data length. Valid if the protocol is UDP.
[[tcpflag]=1]
The specific TCP flag is set. Valid if the protocol is TCP. Possible values for
tcpflag:
syn, rst, ack, psh, fin, urg, ece, cwr
and
ns
.
[icmptype]
The ICMP sub-protocol name. Valid if the protocol is ICMP.
[echoid]
The ICMP echo ID. Valid if the protocol is ICMP and sub-protocol is echo.
[echoseq]
The ICMP echo sequence number. Valid if the protocol is ICMP and
sub-protocol is echo.
[unreach]
The ICMP destination unreachable code. Valid if the protocol is ICMP and
sub-protocol is destination unreachable.
[redirect]
The ICMP redirect code. Valid if the protocol is ICMP and sub-protocol is
redirect.
[icmpcode]
The ICMP sub-protocol code. Valid if the protocol is ICMP and sub-protocol is
not echo, destination unreachable or redirect.
Connection
Additional information about a connection. Certain parameters may or may not be included
depending on the type and status of the connection. For example, the number of bytes sent by
the originator and terminator is only included if the connection is closed.
conn
The status of the connection. Possible values:
open, close, closing
and
unknown
.
connipproto
The IP protocol used in this connection.
connrecvif
The name of the receive interface.
connsrcip
The source IP address.
[connsrcport]
The source port. Valid if the protocol is TCP or UDP.
[connsrcidt]
The source ID. Valid if the protocol is not TCP or UDP.
conndestif
The name of the destination interface.
conndestip
The destination IP address.
[conndestport]
The destination port. Valid if the protocol is TCP or UDP.
[conndestidt]
The destination ID. Valid if the protocol is not TCP or UDP.
Chapter 1: Introduction
39
Summary of Contents for NetDefend DFL-260E
Page 32: ...List of Tables 1 Abbreviations 35 32...
Page 33: ...List of Examples 1 Log Message Parameters 34 2 Conditional Log Message Parameters 34 33...
Page 42: ...routemetric Route metric cost Chapter 1 Introduction 42...
Page 44: ...Chapter 1 Introduction 44...
Page 216: ...Rule Information Connection Chapter 2 Log Message Reference 216...
Page 243: ...client_ip Context Parameters Rule Name Packet Buffer Chapter 2 Log Message Reference 243...
Page 556: ...logger Chapter 2 Log Message Reference 556...
Page 613: ...Parameters location Chapter 2 Log Message Reference 613...