42
SBG1000 User Guide
Home
X
Exit
Overview Installation Troubleshooting Contact
FAQ Specifications Glossary License
Configuration:
Basic Gateway TCP/IP Wireless Print Server USB
Firewall > LOGS — config Page
If you enable the firewall by specifying a policy other than None (see “
Setting the Firewall Policy
”), you can use
this page to enable session, blocking, or intrusion logging.
If you enable the firewall, the blacklist log is always generated. Any IP address the firewall determines to have
breached the active policy is added to the blacklist log. To view the blacklist log, click
blacklist
. The firewall blocks
all traffic to and from a blacklisted IP address for 24 hours or until you reboot the SBG1000 or manually clear the
blacklist by clicking
Clear
on the Firewall > LOGS — blacklist page.
Firewall > LOGS — config page fields
Field or Button
Description
Enable Session Log
Check this box to log every data session from the private LAN that was authorized by the
SBG1000 firewall. Usually, the session log displays a history of normal data traffic. It also lists
the start of sessions the firewall terminated because:
•
The policy was changed
•
They were eventually determined to be an intrusion or attack
To display the session log, click
session
.
Enable Blocking Log
Check this box to log inbound and outbound packets that the SBG1000 firewall:
•
Does not allow to pass because they use protocols and/or ports not explicitly allowed by
the active policy
•
Determines to be invalid because of a session or reassembly timeout
To display the blocking log, click
blocking
.
Enable Intrusion Log
Check this box to log attacks using common network intrusion tactics that the SBG1000
firewall detects and stops.
To display the intrusion log, click
intrusion
.
Apply
Click to apply your changes.