manualshive.com logo in svg

D-Link DFL-210 - NetDefend - Security Appliance, Справочное руководство по журналу операций, Страница: 31 / 476

Поделиться
Скачать
D-Link DFL-210 - NetDefend - Security Appliance Скачать руководство пользователя страница 31

1.2. Context Parameters

In many cases, information regarding a certain object is featured in the log message. This can be
information about, for example, a connection. In this case, the log message should, besides all the
normal log message attributes, also include information about which protocol is used, source and
destination IP addresses and ports (if applicable), and so on.

As the same information will be included in many log messages, these are referenced as a Context
Parameter. So whenever a log message includes information about a connection, it will feature the
CONN parameter in the Context Parameter list. This means that additional information about the
connection will also be included in the log message.

A description of all available context parameters follows with an explanation of all the additional
parameters. The names of the additional parameters are specified using the Syslog format.

ALG Module Name

An ALG is always of a certain type, for example FTP, H323 or HTTP. This parameter specifies the
name of the ALG sub-module, in order to quickly distinguish which type of ALG this is.

algmod

The name of the ALG sub-module.

ALG Session ID

Each ALG session has its own session ID, which uniquely identifies an ALG session. This is useful,
for example, when matching the opening of an ALG session with the closure of the same ALG
session.

algsesid

The session ID of an ALG session.

Packet Buffer

Information about the packet buffer, which in turn contains a large number of additional objects.
Certain parameters may or may not be included, depending on the type of packet buffer. For
example, the TCP flags are only included if the buffer contains a TCP protocol, and the
ICMP-specific parameters are only included if the buffer contains a ICMP protocol.

recvif

The name of the receiving interface.

[hwsender]

The sender hardware address. Valid if the protocol is ARP.

[hwdest]

The destination hardware address. Valid if the protocol is ARP.

[arp]

The ARP state. Valid if the protocol is ARP. Possible values: request|reply.

[srcip]

The source IP Address. Valid if the protocol is not ARP.

[destip]

The destination IP Address. Valid if the protocol is not ARP.

iphdrlen

The IP header length.

[fragoffs]

Fragmentation offset. Valid if the IP packet is fragmented.

[fragid]

Fragmentation ID. Valid if the IP packet is fragmented.

ipproto

The IP Protocol.

ipdatalen

The IP data length.

1.2. Context Parameters

Chapter 1. Introduction

31

Содержание DFL-210 - NetDefend - Security Appliance

Страница 1: ...Network Security Solution http www dlink com Security Security DFL 210 800 1600 2500 DFL 260 860 1660 2560 G Ver 2 27 01 Network Security Firewall Log Reference Guide...

Страница 2: ...ide DFL 210 260 800 860 1600 1660 2500 2560 2560G NetDefendOS Version 2 27 01 D Link Corporation No 289 Sinhu 3rd Rd Neihu District Taipei City 114 Taiwan R O C http www DLink com Published 2010 06 22...

Страница 3: ...s for a particular purpose D Link reserves the right to revise this publication and to make changes from time to time in the content hereof without any obligation to notify any person or parties of su...

Страница 4: ...nreachable ID 00200119 45 2 1 22 wcf_srv_connection_error ID 00200120 46 2 1 23 wcf_server_unreachable ID 00200121 46 2 1 24 wcf_connecting ID 00200122 46 2 1 25 wcf_server_connected ID 00200123 47 2...

Страница 5: ...2 1 80 failed_to_create_connection1 ID 00200218 67 2 1 81 illegal_command ID 00200219 68 2 1 82 illegal_direction1 ID 00200220 68 2 1 83 illegal_direction2 ID 00200221 69 2 1 84 illegal_option ID 002...

Страница 6: ...65 91 2 1 143 invalid_packet_received ID 00200366 91 2 1 144 failed_create_connection ID 00200367 91 2 1 145 invalid_packet_received_reopen ID 00200368 92 2 1 146 packet_out_of_sequence ID 00200369 92...

Страница 7: ...ion ID 00200522 114 2 1 205 sipalg_transaction_deleted ID 00200523 115 2 1 206 sipalg_transaction_state_updated ID 00200524 115 2 1 207 no_route_found ID 00200526 115 2 1 208 failed_to_get_free_port I...

Страница 8: ...on_failed ID 05800004 139 2 3 5 decompression_failed ID 05800005 139 2 3 6 compression_ratio_violation ID 05800006 140 2 3 7 compression_ratio_violation ID 05800007 140 2 3 8 compression_ratio_violati...

Страница 9: ...o_new_conn_for_this_packet ID 00600013 163 2 8 10 no_return_route ID 00600014 164 2 8 11 reverse_connect_attempt ID 00600015 164 2 8 12 port_0_illegal ID 00600020 164 2 8 13 udp_src_port_0_illegal ID...

Страница 10: ...ID 00900005 185 2 11 6 request_for_ip_from_non_bound_client_without_state ID 00900006 185 2 11 7 request_for_ip_from_bound_client_without_state ID 00900007 185 2 11 8 request_for_ip_from_non_bound_cli...

Страница 11: ..._error ID 02200004 207 2 14 5 gre_length_error ID 02200005 208 2 14 6 gre_send_routing_loop_detected ID 02200006 208 2 14 7 unmatched_session_key ID 02200007 208 2 14 8 gre_routing_flag_set ID 0220000...

Страница 12: ...D 01300014 231 2 17 15 idp_failscan ID 01300015 231 2 17 16 idp_failscan ID 01300016 232 2 18 IDPPIPES 233 2 18 1 conn_idp_piped ID 06100001 233 2 18 2 host_idp_piped ID 06100002 233 2 18 3 out_of_mem...

Страница 13: ...254 2 22 23 pm_create_failed ID 01800204 254 2 22 24 failed_to_start_ipsec ID 01800206 254 2 22 25 failed_create_audit_module ID 01800207 255 2 22 26 failed_to_configure_IPsec ID 01800210 255 2 22 27...

Страница 14: ...me ID 01802046 272 2 22 85 ipsec_sa_lifetime ID 01802047 273 2 22 86 ipsec_sa_lifetime ID 01802048 273 2 22 87 ipsec_sa_informal ID 01802058 273 2 22 88 ipsec_invalid_protocol ID 01802059 274 2 22 89...

Страница 15: ...te_access_subnets ID 01802714 290 2 22 146 event_on_ike_sa ID 01802715 290 2 22 147 ipsec_sa_selection_failed ID 01802717 290 2 22 148 certificate_search_failed ID 01802718 291 2 22 149 ipsec_sa_event...

Страница 16: ...2 308 2 24 3 ip_rsv_flag_set ID 01600003 308 2 25 IP_OPT 310 2 25 1 source_route ID 01700001 310 2 25 2 timestamp ID 01700002 310 2 25 3 router_alert ID 01700003 310 2 25 4 ipopt_present ID 01700004 3...

Страница 17: ...us_accounting ID 02800017 331 2 27 16 l2tpclient_tunnel_up ID 02800018 332 2 27 17 malformed_packet ID 02800019 332 2 27 18 waiting_for_ip_to_listen_on ID 02800050 332 2 28 NATPOOL 333 2 28 1 uninitia...

Страница 18: ...a ID 02400300 353 2 29 48 internal_error_unable_to_map_identifier ID 02400301 354 2 29 49 lsa_size_too_big ID 02400302 354 2 29 50 memory_usage_exceeded_70_percent_of_max_allowed ID 02400303 354 2 29...

Страница 19: ...700012 371 2 32 13 pptp_session_up ID 02700013 372 2 32 14 tunnel_idle_timeout ID 02700014 372 2 32 15 session_idle_timeout ID 02700015 373 2 32 16 pptpclient_start ID 02700017 373 2 32 17 pptpclient_...

Страница 20: ...r_console_denied ID 04900007 393 2 36 8 sesmgr_session_maximum_reached ID 04900008 393 2 36 9 sesmgr_allocate_error ID 04900009 393 2 36 10 sesmgr_session_activate ID 04900010 394 2 36 11 sesmgr_sessi...

Страница 21: ...03200400 413 2 41 14 log_messages_lost_due_to_log_buffer_exhaust ID 03200401 414 2 41 15 ssl_encryption_failed ID 03200450 414 2 41 16 bidir_fail ID 03200600 414 2 41 17 disk_cannot_remove_file ID 03...

Страница 22: ...cale ID 03400018 437 2 43 17 mismatching_tcp_window_scale ID 03400019 437 2 44 THRESHOLD 439 2 44 1 conn_threshold_exceeded ID 05300100 439 2 44 2 reminder_conn_threshold ID 05300101 439 2 44 3 conn_t...

Страница 23: ...ges_not_supported ID 03700108 460 2 47 31 ldap_auth_error ID 03700109 460 2 47 32 user_logout ID 03700110 460 2 47 33 ldap_session_new_out_of_memory ID 03700401 461 2 47 34 cant_create_new_request ID...

Страница 24: ..._to_create_rule ID 03800007 472 2 49 8 failed_writing_zonededense_state_to_media ID 03800008 473 2 49 9 failed_to_create_access_rule ID 03800009 473 2 49 10 no_response_trying_to_erase_profile ID 0380...

Страница 25: ...List of Tables 1 Abbreviations 28 25...

Страница 26: ...List of Examples 1 Log Message Parameters 27 2 Conditional Log Message Parameters 27 26...

Страница 27: ...the name of a conditional log message parameter Example 1 Log Message Parameters Log Message New configuration activated by user username and committed via authsystem Parameters authsystem username B...

Страница 28: ...otocol Security L2TP Layer 2 Tunneling Protocol NAT Network Address Translation OSPF Open Shortest Path First PPP Point to Point Protocol PPPoE Point to Point Protocol over Ethernet RADIUS Remote Auth...

Страница 29: ...fies the log message The first 3 digits identify the category to which the log message belongs Note In this guide the Name and the ID of the log message form the title of the section describing the lo...

Страница 30: ...featured in this reference guide and is never actually included in the log message Revision The current revision of the log message This is increased each time a log message is changed between two rel...

Страница 31: ...d The name of the ALG sub module ALG Session ID Each ALG session has its own session ID which uniquely identifies an ALG session This is useful for example when matching the opening of an ALG session...

Страница 32: ...ination unreachable or redirect Connection Additional information about a connection Certain parameters may or may not be included depending on the type and status of the connection For example the nu...

Страница 33: ...T source rule Valid if the rule action is SAT satdestrule The name of the SAT destination rule Valid if the rule action is SAT srcusername The name of the authenticated user in the source network obje...

Страница 34: ...A Dynamic Route Additional information about events regarding a dynamic route event The dynamic routing event that occurred Possible values add remove modify export unexport and unknown from Originati...

Страница 35: ...e unit 4 Warning Warning conditions which could affect the functionality of the unit 5 Notice Normal but significant conditions 6 Informational Informational conditions 7 Debug Debug level events Prio...

Страница 36: ...1 3 Severity levels Chapter 1 Introduction 36...

Страница 37: ...P page 168 DHCPRELAY page 174 DHCPSERVER page 184 DYNROUTING page 193 FRAG page 196 GRE page 207 HA page 210 HWM page 220 IDP page 225 IDPPIPES page 233 IDPUPDATE page 236 IFACEMON page 239 IPPOOL pag...

Страница 38: ...FENSE page 471 Sort Order All log messages are sorted by their category and then by their ID number 2 1 ALG These log messages refer to the ALG Events from Application Layer Gateways category 2 1 1 al...

Страница 39: ...lose Recommended Action If the maximum line length is configued too low increase it Revision 1 Parameters len max Context Parameters ALG Module Name ALG Session ID 2 1 4 alg_session_allocation_failure...

Страница 40: ...URL The reason for this is problaby because the requested URL has an invalid format or it contains invalid UTF8 formatted characters Gateway Action close Recommended Action Make sure that the request...

Страница 41: ...the server is sending such large amounts of suspicious data Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2 1 9 invalid_chunked_encoding ID 00200107 Default Severity...

Страница 42: ...rver ignored this and sent compressed data anyway As content processing will not work if the data is compressed the connection will be closed Gateway Action close Recommended Action Research the sourc...

Страница 43: ...e HTTP Server Closing connection ALG name algname Explanation The unit failed to connect to the HTTP Server resulting in that the ALG session could not be successfully opened Gateway Action close Reco...

Страница 44: ...iltering has been disabled due to license restriction Gateway Action no_valid_license Recommended Action Extend valid time for Content Filtering Revision 2 Context Parameters ALG Module Name 2 1 18 ma...

Страница 45: ...dule Name ALG Session ID 2 1 20 out_of_memory ID 00200118 Default Severity CRITICAL Log Message HTTPALG Failed to allocate memory Explanation The unit does not have enough available RAM WCF could not...

Страница 46: ...name Context Parameters ALG Module Name ALG Session ID 2 1 23 wcf_server_unreachable ID 00200121 Default Severity ERROR Log Message HTTPALG Failed to connect to web content server failedserver Explana...

Страница 47: ...ID 00200124 Default Severity INFORMATIONAL Log Message HTTPALG Falling back from secondary servers to primary server Explanation Web Content Filtering falls back to primary server after 60 minutes or...

Страница 48: ...ded Action None Revision 2 Parameters categories audit override url algname Context Parameters Connection Connection ALG Module Name ALG Session ID 2 1 29 wcf_server_auth_failed ID 00200127 Default Se...

Страница 49: ...url Categories categories Audit audit Override override ALG name algname Explanation The URL has been requested Gateway Action allow_audit_mode Recommended Action None Revision 2 Parameters categories...

Страница 50: ...idden URL url eventhough Restricted Site Notice was applied ALG name algname Explanation The URL has been requested and the categories are forbidden Restricted Site Notice was applied Gateway Action a...

Страница 51: ...algname Explanation The URL has been requested Gateway Action allow Recommended Action None Revision 1 Parameters categories audit override url user algname Context Parameters Connection Connection AL...

Страница 52: ...l user algname Context Parameters Connection Connection ALG Module Name ALG Session ID 2 1 39 restricted_site_notice ID 00200138 Default Severity WARNING Log Message HTTPALG User requests the forbidde...

Страница 53: ...Connection Connection ALG Module Name ALG Session ID 2 1 41 wcf_mem_optimized ID 00200140 Default Severity DEBUG Log Message HTTPALG Optimizing WCF memory usage Explanation The Web Content Filtering...

Страница 54: ...her than the configured value Gateway Action session_rejected Recommended Action This can be a possible DOS attack Revision 2 Parameters sender_email_address Context Parameters ALG Module Name ALG Ses...

Страница 55: ...Gateway Action close Recommended Action If possible verify response codes sent from server Revision 3 Context Parameters Connection ALG Module Name ALG Session ID 2 1 47 sender_email_id_mismatched ID...

Страница 56: ...CPT TO e mail address is in Black List SMTP ALG rejected the client request Gateway Action reject Recommended Action None Revision 1 Parameters sender_email_address recipient_email_addresses Context P...

Страница 57: ...mail_addresses Context Parameters ALG Module Name ALG Session ID 2 1 52 base64_decode_failed ID 00200165 Default Severity ERROR Log Message SMTPALG Base 64 decode failed Attachment is allowed Explanat...

Страница 58: ...ntent type mismatch in file filename Identified filetype filetype Explanation The filetype of the file does not match the actual content type As there is a content type mismatch data is discarded Gate...

Страница 59: ...tion Content type should be matched Revision 3 Parameters filename filetype sender_email_address recipient_email_addresses Context Parameters ALG Module Name ALG Session ID 2 1 57 all_recipient_email_...

Страница 60: ...saction will be terminated Gateway Action block Recommended Action Research how the client is sending invalid end of mail Revision 1 Parameters sender_email_address recipient_email_addresses Context P...

Страница 61: ...teway Action ignore Recommended Action None Revision 1 Context Parameters ALG Module Name ALG Session ID 2 1 63 failed_send_reply_code ID 00200181 Default Severity ERROR Log Message SMTPALG Could not...

Страница 62: ...2 1 66 cmd_pipelined ID 00200186 Default Severity ERROR Log Message SMTPALG Received pipelined request Explanation The SMTP ALG does not support pipelined requests The appearance of this log message...

Страница 63: ...Action None Revision 1 Parameters sender_email_address Context Parameters ALG Module Name ALG Session ID 2 1 69 illegal_data_direction ID 00200202 Default Severity ERROR Log Message FTPALG TCP data f...

Страница 64: ...e Revision 1 Context Parameters ALG Module Name ALG Session ID Rule Information Connection 2 1 72 illegal_chars ID 00200210 Default Severity WARNING Log Message FTPALG 8 bit characters in control chan...

Страница 65: ...ID Connection 2 1 74 illegal_command ID 00200212 Default Severity WARNING Log Message FTPALG Failed to parse command from peer as a FTP command String string Closing connection Explanation An invalid...

Страница 66: ...a PORT command which is not valid since the client is not allowed to do active FTP The command will be rejected Gateway Action rejecting_command Recommended Action If the client should be allowed to d...

Страница 67: ...r string Context Parameters ALG Module Name ALG Session ID Connection 2 1 79 illegal_port_number ID 00200217 Default Severity CRITICAL Log Message FTPALG Illegal PORT command from peer port port not a...

Страница 68: ...lanation The client tried to issue a SITE EXEC command which is not valid since the client is not allowed to do this The command will be rejected Gateway Action rejecting_command Recommended Action If...

Страница 69: ...rs ALG Module Name ALG Session ID Connection 2 1 84 illegal_option ID 00200222 Default Severity WARNING Log Message FTPALG Invalid OPTS argument from peer String string Rejecting command Explanation A...

Страница 70: ...xplanation An unknown OPTS argument was received and the command will be rejected Gateway Action rejecting_command Recommended Action If unknown commands should be allowed modify the FTPALG configurat...

Страница 71: ...ation Revision 1 Parameters peer string Context Parameters ALG Module Name ALG Session ID Connection 2 1 89 illegal_reply ID 00200228 Default Severity WARNING Log Message FTPALG Illegal numerical repl...

Страница 72: ...sive mode response from peer String string Closing connection Explanation An illegal response was received from the server and the connection is closed Gateway Action close Recommended Action None Rev...

Страница 73: ...omised and should not be trusted Revision 1 Parameters peer port range string Context Parameters ALG Module Name ALG Session ID Connection 2 1 94 bad_ip ID 00200234 Default Severity CRITICAL Log Messa...

Страница 74: ...d_to_create_server_data_connection ID 00200236 Default Severity ERROR Log Message FTPALG Failed to create server data connection Peer peer Connection connection Explanation An error occured when creat...

Страница 75: ...R Log Message FTPALG Internal Error failed to merge conns Closing connection Explanation An internal error occured when two connections were being merged into one and the connection will be closed Gat...

Страница 76: ...R Log Message FTPALG Failed to connect to the FTP Server Closing connection Explanation The unit failed to connect to the FTP Server resulting in that the ALG session could not be successfully opened...

Страница 77: ...not be sent to AVSE for scanning since file transfer begins from within the middle of the file The scanning process will fail for compressed files Gateway Action data_blocked_control_and_data_channel_...

Страница 78: ...ce Fail Mode is Allow Gateway Action allow_data_without_scan Recommended Action Update Fail Mode parameter if the file should be blocked Revision 2 Parameters filename filetype Context Parameters ALG...

Страница 79: ...arser is in unknown state Explanation The H 225 parser failed to parse the H 225 message The ALG session will be closed Gateway Action None Recommended Action None Revision 1 Parameters peer state Con...

Страница 80: ...ity WARNING Log Message H323ALG Encoding of message from peer failed Closing session Explanation The ASN 1 encoder failed to encode the message The ALG session will be closed Gateway Action close Reco...

Страница 81: ...nded Action None Revision 1 Parameters peer message_type Context Parameters ALG Module Name ALG Session ID Connection 2 1 116 decode_failed ID 00200306 Default Severity WARNING Log Message H323ALG Fai...

Страница 82: ...channels has been reached for this session Gateway Action None Recommended Action If the maximum number of TCP data channels per session is too low increase it Revision 1 Parameters max_channels Conte...

Страница 83: ...G Session ID Connection 2 1 121 com_mode_response_message_not_translated ID 00200311 Default Severity WARNING Log Message H323ALG CommunicationModeResponse not translated Explanation The H 245 Communi...

Страница 84: ...nless the system increases the amount of free memory Gateway Action close Recommended Action None Revision 1 Context Parameters ALG Module Name 2 1 124 max_h323_gk_sessions_reached ID 00200314 Default...

Страница 85: ...resulting in that the ALG session could not open successfully Gateway Action close Recommended Action Verify that there is a listening H 323 Server on the specified address Revision 1 Context Paramete...

Страница 86: ...nvalid characters Closing connection Gateway Action reject Recommended Action If all characters in filenames should be allowed modify the TFTP Alg configuration Revision 1 Parameters filename Context...

Страница 87: ...e Explanation Option contained no readable value Closing connection Gateway Action reject Recommended Action None Revision 1 Parameters option Context Parameters ALG Module Name ALG Session ID Connect...

Страница 88: ...ID 00200358 Default Severity WARNING Log Message TFTPALG Option tsize value value exceeding allowed value maxvalue Explanation Option tsize value exceeding allowed value Closing connection Gateway Ac...

Страница 89: ...d Action None Revision 1 Parameters option Context Parameters ALG Module Name ALG Session ID Connection 2 1 138 option_value_invalid ID 00200361 Default Severity WARNING Log Message TFTPALG Option opt...

Страница 90: ...e value should be allowed modify the TFTP Alg configuration Revision 1 Parameters old_blksize new_blksize Context Parameters ALG Module Name ALG Session ID Connection 2 1 141 max_tftp_sessions_reached...

Страница 91: ...d packet Opcode opcode Packet length packet_length Explanation Received invalid packet Closing connection Gateway Action close Recommended Action None Revision 1 Parameters opcode packet_length Contex...

Страница 92: ...ut_of_sequence ID 00200369 Default Severity WARNING Log Message TFTPALG Received packet out of sequence opcode opcode packet length packet_length Explanation Received packet out of sequence Closing co...

Страница 93: ...configuration Revision 1 Context Parameters ALG Module Name ALG Session ID Connection 2 1 149 failed_strip_option ID 00200372 Default Severity ERROR Log Message TFTPALG Failed to strip options intern...

Страница 94: ...ers ALG Module Name ALG Session ID Connection 2 1 152 max_pop3_sessions_reached ID 00200380 Default Severity WARNING Log Message POP3ALG Maximum number of POP3 sessions max_sessions for service reache...

Страница 95: ...POP3 Server resulting in that the ALG session could not be successfully opened Gateway Action close Recommended Action Verify that there is a listening POP3 Server on the specified address Revision 1...

Страница 96: ...ver is sending unknown response The response will be blocked Gateway Action block Recommended Action None Revision 1 Parameters command response Context Parameters ALG Module Name ALG Session ID 2 1 1...

Страница 97: ...verity WARNING Log Message POP3ALG Command line blocked line begins with linebegin Invalid line length len Explanation The client is sending command with invalid command length The command will be blo...

Страница 98: ...ext Parameters ALG Module Name 2 1 163 content_type_mismatch_mimecheck_disabled ID 00200391 Default Severity NOTICE Log Message POP3ALG Content type mismatch found for the file filename It is identifi...

Страница 99: ...wed The command will be blocked Gateway Action block Recommended Action If the command are to be allowed change the Alg configuration Note The STLS command is allways blocked Revision 1 Parameters com...

Страница 100: ...WARNING Log Message POP3ALG Mail contains invalid line endings Explanation Mail contains invalid line endings Gateway Action block Recommended Action Research why mail contains invalid line endings R...

Страница 101: ...failed_create_new_session ID 00200451 Default Severity WARNING Log Message TLSALG Failed to create new TLSALG session out of memory Explanation An attempt to create a new TLSALG session failed becaus...

Страница 102: ...eters ALG Module Name ALG Session ID 2 1 174 tls_renegotiation_attempted ID 00200454 Default Severity WARNING Log Message TLSALG TLS renegotiation attempted but not supported Explanation The TLS peer...

Страница 103: ...ey to perform the key exchange The certificate can not be sent and the TLS ALG session will be closed Gateway Action close Recommended Action Change cipher suites and or certificate Revision 1 Paramet...

Страница 104: ...l traffic Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2 1 179 tls_invalid_message ID 00200459 Default Severity ERROR Log Message TLSALG Invalid TLS message_type mes...

Страница 105: ...ters ALG Module Name ALG Session ID 2 1 182 tls_out_of_memory ID 00200462 Default Severity ERROR Log Message TLSALG Out of memory Explanation The unit was unable to allocate the memory required to pro...

Страница 106: ...e closed Gateway Action close Recommended Action None Revision 1 Parameters algname Context Parameters ALG Module Name ALG Session ID 2 1 185 sdp_message_parsing_failed ID 00200501 Default Severity ER...

Страница 107: ...fault Severity ERROR Log Message SIPALG SIP message parsing failed Explanation SIP part of message failed parsing due to malformed message Reason reason Gateway Action drop Recommended Action Examine...

Страница 108: ...IP URI has been reached Gateway Action close Recommended Action If the maximum number of SIPALG sessions per SIP URI is too low increase it Revision 2 Parameters max_ses_per_id from_uri to_uri srcip s...

Страница 109: ...meters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 192 sip_request_response_timeout ID 00200508 Default Severity WARNING Log Message SIPALG SIP request...

Страница 110: ...tport Context Parameters ALG Module Name 2 1 194 unsuccessful_registration ID 00200510 Default Severity WARNING Log Message SIPALG Unsuccessful registration Explanation The user failed to register Rea...

Страница 111: ...be found in the register table Reason reason Gateway Action drop Recommended Action None Revision 2 Parameters reason from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name...

Страница 112: ...Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 199 failed_to_find_session ID 00200515 Default Severity ERROR Log Message SIPALG Fail...

Страница 113: ...efault Severity DEBUG Log Message SIPALG SIP ALG session state updated Explanation The SIP ALG session state updated to session_state state Gateway Action allow Recommended Action None Revision 2 Para...

Страница 114: ...way Action drop Recommended Action None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 204 failed_to_find_transaction ID 00200522 Def...

Страница 115: ...rs ALG Module Name ALG Session ID 2 1 206 sipalg_transaction_state_updated ID 00200524 Default Severity DEBUG Log Message SIPALG Transaction state updated Explanation A SIP ALG transaction state has b...

Страница 116: ...r for the given host Explanation Failed to get free port for the given host Reason reason Gateway Action drop Recommended Action The system is unstable and might require a reboot Revision 2 Parameters...

Страница 117: ...n 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 211 failed_to_update_contact ID 00200530 Default Severity ERROR Log Message SIPALG Failed to...

Страница 118: ...Severity ERROR Log Message SIPALG Failed to modify via in message Explanation Failed to modify the via header in message for method request Gateway Action drop Recommended Action None Revision 2 Para...

Страница 119: ...ateway Action drop Recommended Action None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 216 failed_to_modify_request ID 00200535 De...

Страница 120: ...ID 00200537 Default Severity WARNING Log Message SIPALG General Error Explanation General error while processing message Reason reason Gateway Action drop Recommended Action None Revision 2 Parameter...

Страница 121: ...op Recommended Action Change configuration to free up more RAM Revision 1 Parameters message 2 1 221 null_sip_message_received ID 00200540 Default Severity ERROR Log Message SIPALG SIP packet receptio...

Страница 122: ...Parameters ALG Module Name 2 1 224 dns_resolution_failed ID 00200545 Default Severity CRITICAL Log Message Failed to do dns resolve Explanation An attempt to resolve dns failed Reason reason Gateway...

Страница 123: ...dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters ALG Module Name 2 1 227 failed_to_parse_media ID 00200549 Default Severity ERROR Log Message SIPALG Failed to parse me...

Страница 124: ...n_per_session_reached ID 00200551 Default Severity WARNING Log Message SIPALG Maximum number of sessions per Service has been reached Explanation The configured maximum number of transaction max_tsxn_...

Страница 125: ...on_invalid_state Gateway Action close Recommended Action None Revision 2 Parameters session_invalid_state from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 232 sipal...

Страница 126: ...rcport destip destport Context Parameters ALG Module Name 2 1 234 failed_to_find_callleg ID 00200556 Default Severity WARNING Log Message SIPALG Failed to find callleg Explanation Failed to find calll...

Страница 127: ...deleted Explanation The callleg for method request is deleted Gateway Action close Recommended Action None Revision 2 Parameters method from_uri to_uri srcip srcport destip destport Context Parameter...

Страница 128: ...ameters callleg_state from_uri to_uri srcip srcport destip destport Context Parameters ALG Module Name 2 1 239 failed_to_modify_sat_request ID 00200561 Default Severity ERROR Log Message SIPALG Failed...

Страница 129: ...PTPALG Failed to create new PPTPALG session out of memory Explanation An attempt to create a new PPTPALG session failed The unit has run out of memory Gateway Action close Recommended Action Decrease...

Страница 130: ...emoved Explanation A PPTP tunnel has been removed between the PPTP client and the PPTP ALG Gateway Action None Recommended Action None Revision 1 Context Parameters ALG Session ID ALG Module Name 2 1...

Страница 131: ...evision 1 Context Parameters ALG Session ID ALG Module Name 2 1 248 pptp_malformed_packet ID 00200609 Default Severity WARNING Log Message Malformed packet received from remotegw on iface Explanation...

Страница 132: ...gateway Gateway Action None Recommended Action None Revision 1 Context Parameters ALG Session ID ALG Module Name 2 1 249 pptp_tunnel_established_server ID 00200610 Chapter 2 Log Message Reference 132...

Страница 133: ...sion 1 Parameters sender_email_address drop_address Context Parameters ALG Module Name ALG Session ID 2 2 2 dnsbl_allocate_error ID 05900800 Default Severity EMERGENCY Log Message Could not allocate m...

Страница 134: ...NOTICE Log Message Session created for IP ipaddr for algname Explanation Session created and awaiting processing Gateway Action none Recommended Action None Revision 1 Parameters type algname ipaddr 2...

Страница 135: ...sabled Explanation The DNSBL has been disabled due to few active BlackLists Gateway Action none Recommended Action Check configuration of DNSBL Revision 1 Parameters type algname 2 2 9 dnsbl_active ID...

Страница 136: ...as it failed to respond to the query Gateway Action none Recommended Action Check configuration if keeps begin disabled Revision 1 Parameters type algname blacklist 2 2 12 dnsbl_txtrecord_truncated ID...

Страница 137: ...ion with IP ipaddr for algname Explanation DNSBL name will not fit the string buffer and will be truncated Gateway Action none Recommended Action None Revision 1 Parameters type algname ipaddr 2 2 13...

Страница 138: ...s filename virusname virussig advisoryid layer7_srcinfo layer7_dstinfo Context Parameters ALG Module Name ALG Session ID Connection 2 3 2 virus_found ID 05800002 Default Severity WARNING Log Message V...

Страница 139: ...Message Decompression error for file filename Explanation The file could not be scanned by the anti virus module since the decompression of the compressed file failed Since anti virus is running in pr...

Страница 140: ...ession ratio higher than the specified value Action is set to continue scan Gateway Action continue_scan Recommended Action Files with too high compression ratio can consume large amount of resources...

Страница 141: ...ratio can consume large amount of resources This can be a DOS attack Revision 1 Parameters filename comp_ratio layer7_srcinfo layer7_dstinfo Context Parameters ALG Module Name ALG Session ID Connecti...

Страница 142: ...800011 Default Severity ERROR Log Message Anti virus scan engine failed for the file filename Explanation An error occured in the anti virus scan engine Since anti virus is running in protect mode the...

Страница 143: ...Anti virus scanning can be turned off in order to avoid future postings of this log message Revision 2 Context Parameters ALG Session ID 2 3 14 no_signature_database ID 05800016 Default Severity CRIT...

Страница 144: ...der to free up more RAM Revision 2 Context Parameters ALG Session ID 2 3 17 decompression_failed_encrypted_file ID 05800024 Default Severity WARNING Log Message Decompression failed for file filename...

Страница 145: ...me ALG Session ID Connection 2 3 19 unknown_encoding ID 05800182 Default Severity WARNING Log Message SMTPALG Content transfer encoding is unknown or not present Explanation Antivirus module cannot sc...

Страница 146: ...known Fail Mode is deny so data is blocked Gateway Action block_data Recommended Action None Revision 1 Parameters filename unknown_content_transfer_encoding sender_email_address Context Parameters AL...

Страница 147: ...Context Parameters ALG Module Name ALG Session ID 2 3 22 unknown_encoding ID 05800185 Chapter 2 Log Message Reference 147...

Страница 148: ...sage ARP query sender IP is 0 0 0 0 Explanation The source IP address of an ARP query is 0 0 0 0 Allowing Gateway Action allow Recommended Action If this is not the desired behaviour modify the config...

Страница 149: ...e the case if there are load balancing network equipment in the network Allowing Gateway Action allow Recommended Action If this is not the desired behaviour modify the configuration Revision 1 Contex...

Страница 150: ...r processing Explanation A known dynamic ARP entry has a different hardware address than the one in the ARP packet Allowing packet for further processing Gateway Action allow_processing Recommended Ac...

Страница 151: ...rule in access section Explanation The ARP sender IP address is verified by an expect rule in the access section Gateway Action access_allow Recommended Action None Revision 1 Context Parameters Rule...

Страница 152: ...e load balancing network equipment in the network Dropping packet Gateway Action drop Recommended Action If this is not the desired behaviour modify the configuration Revision 1 Context Parameters Rul...

Страница 153: ...planation A known dynamic ARP entry has a different hardware address than the one in the ARP packet Dropping packet Gateway Action drop Recommended Action If this is not the desired behaviour modify t...

Страница 154: ...base_downloaded ID 05000002 Default Severity NOTICE Log Message New anti virus database downloaded Explanation An updated version of the anti virus database has been downloaded which will now be used...

Страница 155: ...manual antivirus update has been performed Gateway Action antivirus_disabled Recommended Action Check and set the system time correct and perform a manual antivirus update Revision 1 Parameters date 2...

Страница 156: ...Recommended Action None Revision 1 2 5 7 unsynced_databases ID 05000008 Chapter 2 Log Message Reference 156...

Страница 157: ...everity WARNING Log Message Unable to allocate static entry for host Explanation Unable to allocate static entry Unit is low on memory Gateway Action no_block Recommended Action Review the configurati...

Страница 158: ...on Protocol proto IP ip Port port Explanation A blacklist entry was added which matched the IP address of this packet Thus it was dropped accordingly Gateway Action drop Recommended Action Investigate...

Страница 159: ...triggered dynamic blacklisting Revision 1 Parameters rule description proto ip port 2 6 6 packet_blacklisted ID 04600006 Chapter 2 Log Message Reference 159...

Страница 160: ...n If this is a reoccurring event try increasing the number of HighBuffers Revision 1 Parameters duration buf_usage 2 7 2 buffers_profile ID 00500002 Default Severity DEBUG Log Message Buffer requested...

Страница 161: ...g Message Connection closed Explanation A connection has been closed Gateway Action close Recommended Action None Revision 1 Context Parameters Rule Information Connection 2 8 3 connection_table_full...

Страница 162: ...tion closed Explanation A connection has been closed Gateway Action close Recommended Action None Revision 1 Context Parameters Rule Information Connection 2 8 6 out_of_connections ID 00600010 Default...

Страница 163: ...cket since the combination of TCP flags is wrong Only packets with the SYN TCP flag set as the only TCP flag are allowed to open a new TCP connection Gateway Action reject Recommended Action None Revi...

Страница 164: ...5 Default Severity WARNING Log Message Disallowed reverse connect attempt from peer Dropping Explanation State inspector does not allow this packet in reverse direction on the already opened connectio...

Страница 165: ...acket Buffer 2 8 14 udp_src_port_0_forwarded ID 00600022 Default Severity WARNING Log Message UDP source port is set to 0 Forwards packet Explanation The UDP source port was set to 0 This can be used...

Страница 166: ...TIONAL Log Message FTPALG Incoming passive data channel Explanation A passive data channel connection has been established Gateway Action None Recommended Action None Revision 1 Context Parameters ALG...

Страница 167: ...e FTPALG Passive data channel closed Explanation A passive data channel was closed Gateway Action None Recommended Action None Revision 1 Context Parameters ALG Module Name ALG Session ID Rule Informa...

Страница 168: ...2 lease_changed ID 00700002 Default Severity WARNING Log Message Some vital parameter s in the lease on interface iface have changed restarting DHCP process Explanation The DHCP server have updated s...

Страница 169: ...Severity NOTICE Log Message Interface iface lease expired Explanation A lease have expired and the ip data for this interface are no longer valid Gateway Action restart Recommended Action Check connec...

Страница 170: ...erver configuration Revision 1 Parameters iface server_id Context Parameters Packet Buffer 2 9 8 invalid_netmask ID 00700009 Default Severity WARNING Log Message Interface iface received a lease with...

Страница 171: ...teway Action drop Recommended Action Check DHCP server configuration Revision 1 Parameters iface offered_ip Context Parameters Packet Buffer 2 9 11 invalid_gateway ID 00700012 Default Severity WARNING...

Страница 172: ...h if used will cause an IP collision with a configured route Gateway Action drop Recommended Action Check DHCP server configuration and the SG interface configuration Revision 1 Parameters iface dhcp_...

Страница 173: ...Context Parameters Packet Buffer 2 9 14 route_collision ID 00700015 Chapter 2 Log Message Reference 173...

Страница 174: ...was successfully auto saved to disk Explanation The DHCP relay list was successfully written to disk Gateway Action None Recommended Action None Revision 1 2 10 3 dhcp_pkt_too_small ID 00800003 Defau...

Страница 175: ...ommended Action Verify packets per minute limit Revision 1 Context Parameters Packet Buffer 2 10 6 relayer_resuming ID 00800006 Default Severity NOTICE Log Message The relayer is now resuming packets_...

Страница 176: ...n_state ID 00800009 Default Severity WARNING Log Message Got server reply without transaction state for client client_hw Dropping Explanation Received a server reply without a matching transaction sta...

Страница 177: ...2 Default Severity WARNING Log Message Request ignored according to the ruleset Explanation A DHCP relay request was ignored according to the rules Gateway Action ignore Recommended Action None Revisi...

Страница 178: ...RM packet passed a relayer but the client ip isnt set Dropping Explanation Received relayed INFORM DHCP packet with illegally missing client IP Gateway Action drop Recommended Action Investigate what...

Страница 179: ...Severity WARNING Log Message Unable to get free transaction state for client client_hw Dropping Explanation Unable to get a free transaction state to handle client request Gateway Action drop Recomme...

Страница 180: ...ket Buffer 2 10 21 relayed_request ID 00800021 Default Severity NOTICE Log Message Relayed BOOTP request from client client_hw to dest_ip Explanation Relayed a BOOTP request Gateway Action None Recomm...

Страница 181: ...rules Gateway Action drop Recommended Action Verify allowed lease addresses setting Revision 1 Parameters iface server_ip ip Context Parameters Rule Name Packet Buffer 2 10 24 illegal_client_ip_assig...

Страница 182: ...d_dhcp_reply ID 00800026 Default Severity NOTICE Log Message Relayed DHCP reply type to client client_hw Explanation Relayed DHCP reply to client Gateway Action None Recommended Action None Revision 1...

Страница 183: ...meters type gateway_ip Context Parameters Rule Name Packet Buffer 2 10 29 relayed_bootp_reply ID 00800029 Default Severity NOTICE Log Message Relayed BOOTP reply to gateway gateway_ip Explanation Rela...

Страница 184: ...nable to send reply since the DHCP option section is too big Gateway Action drop Recommended Action Reduce the number of used DHCP options Revision 1 2 11 3 unable_to_save_lease_db ID 00900003 Default...

Страница 185: ...ent_without_state ID 00900006 Default Severity WARNING Log Message Received a request from client not in bound client for IP client_ip without state Rejecting Explanation Received a request from a non...

Страница 186: ...client client_ip Context Parameters Packet Buffer 2 11 9 all_ip_pools_depleted ID 00900010 Default Severity WARNING Log Message All IP pools are depleted Unable to handle request Ignoring Explanation...

Страница 187: ...ID 00900013 Default Severity NOTICE Log Message Offer for IP client_ip timed out Was offered to client client_hw Explanation An offer to a client was never accepted and timed out Gateway Action lease_...

Страница 188: ...depleted ID 00900016 Default Severity NOTICE Log Message All IPs in the pool are now in use Explanation All IPs the the pool have been consumed Gateway Action None Recommended Action Extend the pool t...

Страница 189: ...acket Buffer 2 11 18 client_bound ID 00900019 Default Severity NOTICE Log Message Client client_hw accepted IP client_ip Client is now bound Explanation Client accepted the IP address and are now boun...

Страница 190: ...ent_hw client_ip Context Parameters Rule Name Packet Buffer 2 11 21 decline_for_ip_on_wrong_iface ID 00900022 Default Severity NOTICE Log Message Got decline for ip client_ip on wrong interface recv r...

Страница 191: ...IP Gateway Action blacklist Recommended Action Check network for statically configured hosts or incorrectly proxy ARPed routes Revision 1 Parameters client_hw client_ip Context Parameters Rule Name P...

Страница 192: ...nsistent routes Revision 1 Parameters client_hw client_ip recv_if client_if Context Parameters Rule Name Packet Buffer 2 11 26 released_by_client ID 00900027 Default Severity NOTICE Log Message Client...

Страница 193: ...ext Parameters Dynamic Route Rule Name Route 2 12 2 route_exported_to_ospf_as ID 01100002 Default Severity NOTICE Log Message Route exported to OSPF AS Explanation A route was just exported to a OSPF...

Страница 194: ...2 12 5 route_added ID 01100005 Default Severity NOTICE Log Message Route added Explanation A route was just added Gateway Action None Recommended Action None Revision 1 Context Parameters Dynamic Rout...

Страница 195: ...2 12 6 route_removed ID 01100006 Chapter 2 Log Message Reference 195...

Страница 196: ...ned fragments Dropping Explanation An Internal Error occured when freeing an active fragment Dropping packet Gateway Action drop Recommended Action None Revision 1 Context Parameters Dropped Fragments...

Страница 197: ...Revision 1 Parameters srcip destip ipproto fragid fragact frags Context Parameters Dropped Fragments Rule Name 2 13 5 fail_suspect_timeout ID 02000005 Default Severity CRITICAL Log Message Time out re...

Страница 198: ...ments Rule Name 2 13 7 disallowed_suspect ID 02000007 Default Severity WARNING Log Message Dropping stored fragments of disallowed suspect packet Frags frags srcip destip ipproto FragID fragid State f...

Страница 199: ...of illegal packet Frags frags srcip destip ipproto FragID fragid State fragact Explanation The fragments of an illegal IP packet were dropped Gateway Action drop Recommended Action None Revision 1 Pa...

Страница 200: ...commended Action None Revision 1 Parameters state Context Parameters Dropped Fragments Rule Name 2 13 12 drop_duplicate_frag_suspect_packet ID 02000012 Default Severity WARNING Log Message Dropping du...

Страница 201: ...utside of the allowed IP size range Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters minipdatalen maxipdatalen Context Parameters Rule Name Packet Buffer 2 13 15 no_av...

Страница 202: ...aximum maxipdatalen Explanation The fragment offset plus length would result in a greater length than the configured maximum length of an IP packet Dropping packet Gateway Action drop Recommended Acti...

Страница 203: ...an already received fragment but the fragment lengths differ Dropping packet Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 13 21 duplicate_frag_wi...

Страница 204: ...owed IP packet which may contain illegal fragments is dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 13 24 drop_frag_disallowed_packet ID 0...

Страница 205: ...l fragments is dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters Rule Name Packet Buffer 2 13 27 drop_frag_failed_packet ID 02000027 Default Severity WARNING Log Messag...

Страница 206: ...rity CRITICAL Log Message Internal Error Contains fragments even when freeing Dropping Explanation An Internal Error occured when freeing an active fragment Dropping packet Gateway Action drop Recomme...

Страница 207: ...verity WARNING Log Message GRE packet with bad flag s Packet dropped Explanation Received GRE packet with a bad flag combination Gateway Action drop Recommended Action Check GRE endpoint configuration...

Страница 208: ...sion 1 Context Parameters Packet Buffer 2 14 6 gre_send_routing_loop_detected ID 02200006 Default Severity WARNING Log Message Routing loop detected GRE packet send failed Explanation Routing loop to...

Страница 209: ...essage Received GRE packet with routing flag set Packet dropped Explanation Received GRE packet with unsupported routing option enabled Gateway Action drop Recommended Action Check GRE configuration o...

Страница 210: ...anation The peer gateway which was inactive is not available anymore This gateway will continue to stay active Gateway Action None Recommended Action None Revision 1 2 15 3 conflict_both_peers_active...

Страница 211: ...ID 01200006 Default Severity NOTICE Log Message Both active peer has more connections deactivating Explanation Both members are active but the peer has more connections This gateway will de activate...

Страница 212: ...s This gateway will stay inactive Gateway Action stay_deactivated Recommended Action None Revision 1 2 15 10 peer_has_fewer_connections ID 01200010 Default Severity NOTICE Log Message Both inactive pe...

Страница 213: ...have arrived on the sync iface Dropping Explanation The HA packet did not arrive on the sync interface The packet will be dropped Gateway Action drop Recommended Action None Revision 1 Context Parame...

Страница 214: ...anges again Revision 1 2 15 17 ha_write_failed ID 01200053 Default Severity WARNING Log Message Could not write HA configuration to disk Explanation The HA configuration could not be written to the st...

Страница 215: ...peer as the peer has been restarted Initializing re synchronization process Gateway Action resync_conns_init Recommended Action None Revision 1 Parameters reason numconns 2 15 21 hasync_connection_est...

Страница 216: ...ction None Revision 1 2 15 24 resync_conns_to_peer_complete ID 01200300 Default Severity NOTICE Log Message Connection resynchronization to peer complete Explanation The connection resynchronization p...

Страница 217: ...d HA heartbeat with too low TTL Dropping Explanation The received HA heartbeat packet had a TTL Time To Live field which is too low The packet will be dropped Gateway Action drop Recommended Action No...

Страница 218: ...00616 Default Severity NOTICE Log Message Both active deactivation in progress Explanation Both active deactivation in progress Gateway Action None Recommended Action None Revision 1 2 15 31 action ac...

Страница 219: ...Gateway Action None Recommended Action None Revision 1 Parameters previous_shutdown 2 15 32 action going_online ID 01200618 Chapter 2 Log Message Reference 219...

Страница 220: ...Shutdown the unit and determine the problem Revision 1 Parameters index name unit current_temp min_limit max_limit 2 16 2 temperature_normal ID 04000012 Default Severity WARNING Log Message Temperatu...

Страница 221: ...n_limit upper limit is max_limit Explanation The sensor reports that the voltage value is back in the normal range Gateway Action None Recommended Action None Revision 1 Parameters index name unit cur...

Страница 222: ...rent_fanrpm min_limit max_limit 2 16 7 gpio_alarm ID 04000041 Default Severity WARNING Log Message GPIO monitor index name is outside the specified limit Current value is current_gpio unit value is cu...

Страница 223: ...ee_percentage Explanation The amount of free memory is getting low Gateway Action None Recommended Action Review the configuration and disable or lower settings to reduce memory consumption Revision 1...

Страница 224: ...he amount of free memory is in the normal range free free_mem MB of total total_mem MB percentage free free_percentage Explanation The memory usage is in the normal range Gateway Action None Recommend...

Страница 225: ...pect an attack Revision 1 Parameters description signatureid idrule ipproto srcip srcport destip destport Context Parameters Rule Name Deep Inspection 2 17 2 idp_notice ID 01300002 Default Severity WA...

Страница 226: ...ion 1 Parameters description signatureid idrule ipproto srcip srcport destip destport Context Parameters Rule Name Deep Inspection 2 17 4 virus_detected ID 01300004 Default Severity WARNING Log Messag...

Страница 227: ...natureid idrule ipproto srcip srcport destip destport Context Parameters Rule Name Deep Inspection 2 17 6 idp_notice ID 01300006 Default Severity NOTICE Log Message IDP Notice description Signature ID...

Страница 228: ...rule ipproto srcip srcport destip destport Context Parameters Rule Name Deep Inspection 2 17 8 virus_detected ID 01300008 Default Severity NOTICE Log Message Virus Worm detected description Signature...

Страница 229: ...tport Context Parameters Rule Name 2 17 10 invalid_url_format ID 01300010 Default Severity WARNING Log Message Failed to parse the HTTP URL ID Rule idrule URL url Source IP srcip Source Port srcport D...

Страница 230: ...ce IP srcip Source Port srcport Destination IP destip Destination Port destport Explanation The unit failed to reassemble data The reason for this is problaby due to an IDP engine evasion attack Gatew...

Страница 231: ...memory Gateway Action ignore Recommended Action Review your configuration Revision 1 Parameters idrule srcip srcport destip destport Context Parameters Rule Name 2 17 15 idp_failscan ID 01300015 Defa...

Страница 232: ...P srcip Source Port srcport Destination IP destip Destination Port destport Reason reason Explanation The unit failed to scan data Gateway Action ignore Recommended Action None Revision 1 Parameters i...

Страница 233: ...ynamic pipe state added for host host Throughput limited to limit for all new connections for ttl seconds Explanation An IDP Pipe event triggered The host host will be dynamically piped with a total t...

Страница 234: ...age Removed IDP dynamic pipe state for host host due to TTL expire Explanation An old dynamic pipe entry was removed since its TTL expired Connections to and from this host are no longer piped Gateway...

Страница 235: ...is piped to limit kbps since either the source or destination IP is dynamically throttled by IDP dynamic pipe state New connections to and from the IP will be throttled as long as an IDP Pipe state ex...

Страница 236: ...atabase_downloaded ID 01400002 Default Severity NOTICE Log Message New Intrusion Detection Prevention database downloaded Explanation An updated version of the Intrusion Detection Prevention database...

Страница 237: ...IDP features IDP features remains disabled until clock is correct and a manual IDP update has been performed Gateway Action idp_disabled Recommended Action Check and set the system time correct and pe...

Страница 238: ...update is automatically initiated Gateway Action downloading_new_database Recommended Action None Revision 1 2 19 7 unsynced_databases ID 01400009 Chapter 2 Log Message Reference 238...

Страница 239: ...Default Severity WARNING Log Message IfaceMon reports interface problems on iface Resetting interface Link status linkspeed Mbps duplex duplex Explanation The Interface Monitor has discovered problem...

Страница 240: ...Revision 1 Parameters iface linkspeed duplex 2 20 3 ifacemon_status_bad ID 03900004 Chapter 2 Log Message Reference 240...

Страница 241: ...valid DHCP offers were received Explanation No valid DHCP offers were received Gateway Action no_new_client_created Recommended Action Review DHCP server parameters and IP pool filters Revision 1 Cont...

Страница 242: ...r filter Gateway Action lease_rejected Recommended Action Verify the server filters Revision 1 Parameters server_ip Context Parameters Rule Name 2 21 6 lease_have_bad_dhcp_server ID 01900006 Default S...

Страница 243: ...Action Check DHCP server configuration Revision 1 Parameters broadcast Context Parameters Rule Name 2 21 9 lease_have_bad_offered_ip ID 01900009 Default Severity WARNING Log Message The lease was rej...

Страница 244: ...e 2 21 12 lease_rejected_by_server ID 01900012 Default Severity WARNING Log Message The lease was rejected by server Explanation A lease was rejected by the DHCP server Gateway Action lease_rejected R...

Страница 245: ...everity ERROR Log Message The range of MAC addresses for the DHCPClients have been depleted Explanation The configured range of MAC addresses for the DHCP clients have been depleted Gateway Action no_...

Страница 246: ...bsystem returned an IP to the pool Explanation A subsystem returned an IP to the pool Gateway Action inform Recommended Action None Revision 1 Parameters client_ip subsystem Context Parameters Rule Na...

Страница 247: ...Severity WARNING Log Message Warning event occured because of reason Explanation Warning event from IPsec stack Gateway Action None Recommended Action None Revision 1 Parameters reason 2 22 3 audit_ev...

Страница 248: ..._ip Remote IP remote_ip Cookies cookies Reason reason Explanation None Gateway Action None Recommended Action None Revision 1 Parameters local_ip remote_ip cookies reason 2 22 6 ike_invalid_payload ID...

Страница 249: ...Log Message Local IP local_ip Remote IP remote_ip Cookies cookies Reason reason Explanation The retry limit for transmitting ISAKMP messages was reached Gateway Action None Recommended Action None Re...

Страница 250: ...source_ip Destination IP dest_ip SPI spi Seq seq Protocol protocol Reason reason Explanation The computed and ICV of the received packet did not match Gateway Action drop Recommended Action None Revi...

Страница 251: ...mmended Action None Revision 1 Parameters source_ip dest_ip spi seq protocol reason 2 22 14 ip_fragment ID 01800114 Default Severity NOTICE Log Message Source IP source_ip Destination IP dest_ip SPI s...

Страница 252: ...rce_ip Destination IP dest_ip SPI spi Seq seq Protocol protocol Reason reason Explanation The received packet has incorrect padding Gateway Action drop Recommended Action None Revision 1 Parameters so...

Страница 253: ...seq protocol reason 2 22 19 commit_failed ID 01800200 Default Severity CRITICAL Log Message Failed to commit IPsec configuration Explanation Failed to commit IPsec configuration Gateway Action IPsec_...

Страница 254: ...ation_disabled Recommended Action None Revision 1 2 22 23 pm_create_failed ID 01800204 Default Severity ERROR Log Message Failed to create policymanager Explanation Failed to create policymanager Out...

Страница 255: ...ration Gateway Action IPsec_configuration_disabled Recommended Action Reconfigure_IPsec Revision 1 Parameters error_msg 2 22 27 reconfig_IPsec ID 01800211 Default Severity INFORMATIONAL Log Message Re...

Страница 256: ...anation Failed to add specified host certificate Gateway Action certificate_disabled Recommended Action Reconfigure_tunnnel Revision 1 Parameters certificate tunnel 2 22 31 Default_IKE_DH_groups_will_...

Страница 257: ...eysize lifetimes for IKE algorithm Gateway Action use_default_values_for_algorithm Recommended Action None Revision 1 Parameters alg tunnel 2 22 34 failed_to_add_root_certificate ID 01800306 Default S...

Страница 258: ...Recommended Action None Revision 1 Parameters gateway ipsectunnel 2 22 37 failed_to_add_peer ID 01800312 Default Severity ERROR Log Message Failed to add remote gateway gateway resolved by DNS for IP...

Страница 259: ...solved by DNS Gateway Action IPsec_tunnel_disabled Recommended Action None Revision 1 Parameters gateway ipsectunnel 2 22 40 new_remote_gw_ip ID 01800315 Default Severity INFORMATIONAL Log Message Res...

Страница 260: ...318 Default Severity ERROR Log Message Failed to set callback for Dead Peer Detection Explanation Failed to set callback for Dead Peer Detection User will not receive log message when a peer has been...

Страница 261: ...n remote access idlist type for tunnel tunnel Explanation Invalid type for ID in remote access idlist have been specified in configuration Gateway Action vpntunnel_disabled Recommended Action Reconfig...

Страница 262: ...n None Revision 1 2 22 50 IPSec_tunnel_added ID 01800333 Default Severity INFORMATIONAL Log Message IPsec tunnel added to the configuration Explanation An IPsec tunnel has been enabled or added to the...

Страница 263: ...nel_modified ID 01800336 Default Severity INFORMATIONAL Log Message IPsec tunnel configuration modified Explanation An IPsec tunnel has been modified Gateway Action reconfiguration Recommended Action...

Страница 264: ...tunnel tunnel Explanation Critical configuration error on tunnel tunnel Gateway Action restart Recommended Action Restart Revision 1 Parameters tunnel 2 22 57 ippool_does_not_exist ID 01800400 Defaul...

Страница 265: ...ction None Revision 2 2 22 60 recieved_packet_to_disabled_IPsec ID 01800501 Default Severity NOTICE Log Message Received plain text packet to IPsec while shutting down Packet will be dropped Explanati...

Страница 266: ...Default Severity ERROR Log Message Failed to lookup route No route for packet Explanation No remote gateway for packet i e no route defined Gateway Action packet_will_be_dropped Recommended Action Non...

Страница 267: ...Revision 1 Parameters allowed_tunnels 2 22 67 SAs_not_killed_for_remote_peer ID 01800901 Default Severity CRITICAL Log Message Failed to kill associated SA s for remotepeer peer s Explanation This hap...

Страница 268: ...t Severity WARNING Log Message Trigger for non IP packet of protocol proto Dropping request for policy Explanation Trigger for non IP packet dropping request Gateway Action dropping_request Recommende...

Страница 269: ...tions reached Gateway Action rekey_not_done Recommended Action None Revision 1 2 22 74 max_number_of_tunnels_reached ID 01802011 Default Severity WARNING Log Message Negotiation aborted due to license...

Страница 270: ...E SA completed Gateway Action None Recommended Action None Revision 1 Parameters options mode auth encryption keysize hash dhgroup bits lifetime 2 22 77 ike_sa_negotiation_failed ID 01802030 Default S...

Страница 271: ...sa info negotiation completed Explanation Child SA negotiatiion successfully completed Gateway Action ipsec_sa_enabled Recommended Action None Revision 3 Parameters sa info local_peer remote_peer spi_...

Страница 272: ...d SPI spiin Outbound SPI spiout Algoritm mac Explanation Log information about SPI values and algorithms fro Child SA Gateway Action None Recommended Action None Revision 2 Parameters spiin spiout mac...

Страница 273: ...Recommended Action None Revision 1 Parameters kb 2 22 86 ipsec_sa_lifetime ID 01802048 Default Severity INFORMATIONAL Log Message Local lifetime child SA infinite Explanation Inform about lifetime fo...

Страница 274: ...not be initiated with NAT T Gateway Action ipsec_sa_negotiation_aborted Recommended Action None Revision 1 2 22 90 create_rules_failed ID 01802080 Default Severity ERROR Log Message Cannot insert thi...

Страница 275: ...22 93 no_key_method_configured_for tunnel ID 01802102 Default Severity ERROR Log Message Tunnel does not specify any keying method IKE or manual Explanation No keying method IKE manual is configured f...

Страница 276: ...fy AUTHENTICATION ONLY with PASS rules Gateway Action None Recommended Action None Revision 1 2 22 97 invalid_rule_setting ID 01802107 Default Severity ERROR Log Message To tunnel specified for a REJE...

Страница 277: ...cy rules reached Explanation The maximum number of policy rules reached Gateway Action VPN_configuration_disabled Recommended Action Review the advanced setting IPsecMaxRules Revision 2 2 22 101 suspi...

Страница 278: ...encryption is required Explanation ESP tunnel not configured with any encryption algorithm not even Null Gateway Action VPN_tunnel_disabled Recommended Action Reconfigure_tunnel Revision 1 Parameters...

Страница 279: ...22 107 invalid_tunnel_configuration ID 01802209 Default Severity ERROR Log Message Auto start tunnel tunnel configured for per port or per host SA Explanation per port or per host SA can not be specif...

Страница 280: ...key sizes specified for algorithms Gateway Action VPN_tunnel_disabled Recommended Action Reconfigure_tunnel Revision 2 2 22 111 invalid_key_size ID 01802215 Default Severity ERROR Log Message Algorit...

Страница 281: ...ty ERROR Log Message Configured max cipher key size keysize is bigger than the built in maximum max Explanation Tunnel configured invalid key size for cipher Gateway Action VPN_tunnel_disabled Recomme...

Страница 282: ...identity specified in configuration Gateway Action VPN_tunnel_invalid Recommended Action Reconfigure_remote_id Revision 1 Parameters id 2 22 118 malformed_psk_configured ID 01802229 Default Severity...

Страница 283: ...age The maximum number of active Phase 1 negotiations reached Explanation Maximum number of active Phase 1 negotiations reached Gateway Action negotiation_aborted Recommended Action None Revision 2 2...

Страница 284: ...22 125 could_not_get_subject_nam_from_ca_cert ID 01802602 Default Severity WARNING Log Message Could not get subject name from a CA certificate This certificate is not usable as an IPsec authenticato...

Страница 285: ...usted set for a CA certificate Explanation Could not set the trusted set for a CA certificate Gateway Action certificate_disabled Recommended Action None Revision 1 2 22 129 could_not_insert_cert_to_d...

Страница 286: ...efault Severity ERROR Log Message Could not insert certificate into local database Explanation Could not insert certificate into local database Gateway Action certificate_disabled Recommended Action N...

Страница 287: ...sage IKE SA Local IKE peer local_peer Remote IKE peer remote_peer Internal severity level int_severity Explanation Ike SA sucessfully installed Gateway Action ike_sa_completed Recommended Action None...

Страница 288: ...format Explanation Could_not_decode_certificate Gateway Action certificate_invalid Recommended Action None Revision 1 2 22 139 ike_sa_destroyed ID 01802708 Default Severity INFORMATIONAL Log Message I...

Страница 289: ...2 remote_access_dns ID 01802711 Default Severity INFORMATIONAL Log Message DNS for remote access attributes dns_server Explanation DNS for remote access attributes Gateway Action None Recommended Acti...

Страница 290: ...ibutes subnets Explanation Subnets remote access attributes Gateway Action None Recommended Action None Revision 1 Parameters subnets 2 22 146 event_on_ike_sa ID 01802715 Default Severity WARNING Log...

Страница 291: ...e failed Gateway Action certificate_failure Recommended Action None Revision 1 Parameters reason int_severity 2 22 149 ipsec_sa_event ID 01802730 Default Severity WARNING Log Message IPsec SA negotiat...

Страница 292: ...Parameters spiin spiout 2 22 152 ID 01802735 Default Severity INFORMATIONAL Log Message L2TP side negotiation event msg local_peer remote_peer Internal severity level int_severity Explanation L2TP neg...

Страница 293: ...mended Action None Revision 1 2 22 155 init_rulelooklup_failed ID 01802903 Default Severity CRITICAL Log Message Initialization of rule lookup failed Explanation Initialization of rule lookup failed G...

Страница 294: ...d Recommended Action None Revision 1 2 22 159 init_interface_table_failed ID 01802907 Default Severity CRITICAL Log Message Initialization of interface table failed Explanation Initialization of inter...

Страница 295: ...failed Gateway Action ipsec_disabled Recommended Action None Revision 1 2 22 163 init_transform_table_failed ID 01802911 Default Severity CRITICAL Log Message Allocation of transform table failed size...

Страница 296: ...table failed Gateway Action ipsec_disabled Recommended Action None Revision 1 2 22 167 init_inbound_spi_hash_failed ID 01802915 Default Severity CRITICAL Log Message Allocation of inbound spi hash ta...

Страница 297: ...sage Allocation of transform context table failed Explanation Allocation of transform context table failed Gateway Action ipsec_disabled Recommended Action None Revision 1 2 22 171 init_nat_table_fail...

Страница 298: ...1802922 Default Severity CRITICAL Log Message Opening the interceptor failed Explanation Opening the interceptor failed Gateway Action ipsec_disabled Recommended Action None Revision 1 2 22 175 malfor...

Страница 299: ...ke_phase1_notification ID 01803003 Default Severity WARNING Log Message status Phase 1 notification from remote_peer for protocol proto SPI spi msg type size bytes Explanation Received a IKE Phase 2 n...

Страница 300: ...ange_event ID 01803022 Default Severity INFORMATIONAL Log Message Config Mode exchange event msg reason Explanation A Config Mode exchange event occured Gateway Action None Recommended Action None Rev...

Страница 301: ...Config Mode exchange event occured Gateway Action None Recommended Action None Revision 1 Parameters msg reason 2 22 185 config_mode_exchange_event ID 01803026 Default Severity INFORMATIONAL Log Mess...

Страница 302: ...se the SPI size did not match the expected value 4 Gateway Action None Recommended Action None Revision 1 Parameters remote_peer spi_size 2 22 188 ike_phase2_notification ID 01803029 Default Severity...

Страница 303: ...erify remote peer s identity Gateway Action None Recommended Action None Revision 1 2 22 191 malformed_ipsec_sa_proposal ID 01803050 Default Severity WARNING Log Message Malformed IPsec SA proposal re...

Страница 304: ...ING Log Message Could not select proposal for IPsec SA sa_index Explanation Could not select proposal for IPsec SA Gateway Action None Recommended Action None Revision 2 Parameters sa_index 2 22 195 f...

Страница 305: ...ay Action None Recommended Action None Revision 1 Parameters msg int_severity 2 22 198 ipsec_hwaccel_failed ID 01803410 Default Severity WARNING Log Message Failed to create a hardware acceleration co...

Страница 306: ...erity WARNING Log Message Disallowed IP version ipver Explanation The received packet has a disallowed IP version and will be dropped Gateway Action drop Recommended Action None Revision 1 Parameters...

Страница 307: ...rop Recommended Action None Revision 1 Parameters iptotlen recvlen Context Parameters Rule Name Packet Buffer 2 23 5 invalid_ip_checksum ID 01500005 Default Severity WARNING Log Message Invalid IP hea...

Страница 308: ...n Context Parameters Rule Name Packet Buffer 2 24 2 ip_rsv_flag_set ID 01600002 Default Severity NOTICE Log Message The IP Reserved Flag was set Ignoring Explanation The received packet has the IP Res...

Страница 309: ...Context Parameters Rule Name Packet Buffer 2 24 3 ip_rsv_flag_set ID 01600003 Chapter 2 Log Message Reference 309...

Страница 310: ...ID 01700002 Default Severity NOTICE Log Message Packet has a timestamp IP Option Explanation The packet contains a timestamp IP Option Ignoring Gateway Action ignore Recommended Action None Revision 1...

Страница 311: ...ation The IP Option type is multi byte which requires two bytes and there is less than two bytes available Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ipopt minop...

Страница 312: ...erity WARNING Log Message IP Option Type ipopt Bad length optlen for route Route Dropping Explanation An invalid length is specified for the IP Option type Dropping packet Gateway Action drop Recommen...

Страница 313: ...option_timestamps ID 01700016 Default Severity WARNING Log Message Multiple timestamps in IP options Dropping Explanation The packet contains mutliple timestamps in IP Options Dropping packet Gateway...

Страница 314: ...le Name Packet Buffer 2 25 14 bad_timestamp_pointer ID 01700019 Default Severity WARNING Log Message IP Option Type ipopt Bad Timestamp Pointer tsptr with overflow oflo Dropping Explanation The packet...

Страница 315: ...n drop Recommended Action None Revision 1 Parameters ipopt optlen Context Parameters Rule Name Packet Buffer 2 25 17 router_alert_disallowed ID 01700022 Default Severity WARNING Log Message Router Ale...

Страница 316: ...on which is disallowed Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters ipopt optname Context Parameters Rule Name Packet Buffer 2 25 18 ipopt_present_disallowed ID 01...

Страница 317: ...None Revision 1 Parameters ip_multicast_addr eth_multicast_addr Context Parameters Rule Name Packet Buffer 2 26 2 invalid_ip4_header_length ID 07000012 Default Severity WARNING Log Message Invalid IP...

Страница 318: ...Parameters ttl ttlmin Context Parameters Rule Name Packet Buffer 2 26 5 ip_rsv_flag_set ID 07000015 Default Severity WARNING Log Message The IP Reserved Flag was set Dropping Explanation The received...

Страница 319: ...nded Action None Revision 1 Parameters ipdatalen tcphdrlen Context Parameters Rule Name Packet Buffer 2 26 8 oversize_udp ID 07000021 Default Severity WARNING Log Message Configured size limit for the...

Страница 320: ...limit for the ICMP protocol was exceeded Dropping packet Gateway Action drop Recommended Action This can be changed under the Advanced Settings section Revision 1 Parameters proto Context Parameters...

Страница 321: ...eters Rule Name Packet Buffer 2 26 13 oversize_gre ID 07000050 Default Severity WARNING Log Message Configured size limit for the GRE protocol exceeded Dropping Explanation The configured size limit f...

Страница 322: ...ID 07000053 Default Severity WARNING Log Message Configured size limit for the SKIP protocol exceeded Dropping Explanation The configured size limit for the SKIP protocol was exceeded Dropping packet...

Страница 323: ...Rule Name Packet Buffer 2 26 19 oversize_ipcomp ID 07000056 Default Severity WARNING Log Message Configured size limit for the IPComp protocol exceeded Dropping Explanation The configured size limit f...

Страница 324: ...xt Parameters Rule Name Packet Buffer 2 26 22 fragmented_icmp ID 07000070 Default Severity WARNING Log Message This ICMP type is not allowed to be fragmented Dropping Explanation The ICMP type is not...

Страница 325: ...on None Revision 1 Parameters icmpdatalen icmpipver Context Parameters Rule Name Packet Buffer 2 26 25 invalid_icmp_data_too_small ID 07000073 Default Severity WARNING Log Message Invalid ICMP data le...

Страница 326: ...pdataminlen Context Parameters Rule Name Packet Buffer 2 26 27 invalid_icmp_data_invalid_paramprob ID 07000075 Default Severity WARNING Log Message Invalid ICMP ProbPtr ICMPDataLen icmpdatalen ICMPIPD...

Страница 327: ...ARNING Log Message L2TP client iface failed to resolve remotegwname Explanation The L2TP client failed to resolve the DNS name of the remote gateway Gateway Action None Recommended Action Make sure yo...

Страница 328: ...ule Tunnel ID tunnelid Session ID sessionid Explanation The authentication source for the specified userauth rule is unknown to the L2TP server Gateway Action None Recommended Action Make sure the use...

Страница 329: ...el_closed ID 02800008 Default Severity NOTICE Log Message Closed L2TP tunnel Tunnel ID tunnelid Interface iface Explanation The L2TP tunnel with the specified tunnel ID has been closed Gateway Action...

Страница 330: ...sessionid Auth auth MPPE mppe Explanation The L2TP session negotiation has completed successfully Gateway Action None Recommended Action None Revision 1 Parameters tunnelid sessionid auth mppe 2 27 12...

Страница 331: ..._ip Explanation The L2TP session negotiation has completed successfully Gateway Action None Recommended Action None Revision 1 Parameters tunnelid sessionid user auth mppe assigned_ip 2 27 15 failure_...

Страница 332: ...L2TP interface Gateway Action None Recommended Action None Revision 1 Parameters iface remotegw error_code 2 27 18 waiting_for_ip_to_listen_on ID 02800050 Default Severity NOTICE Log Message L2TP ser...

Страница 333: ...translation_address ID 05600002 Default Severity WARNING Log Message Translation IP address address does no longer exist in NATPool poolname Explanation The translation IP has been removed by a config...

Страница 334: ...essage NATPool DHCP address address lease expired Explanation The IP Address used by this NATPool have expired and may not be used any more The connection will be closed Gateway Action close Recommend...

Страница 335: ...en reached NATPool subsystem will try to replace the oldest lingering state Gateway Action replace_lingering Recommended Action Increase the MAXSTATES variable for this NATPool if more concurrent stat...

Страница 336: ...Too many Translation IP addresses requested for poolname Explanation To many Translation IP addresses was requested for NAT Pool Dropping this address Gateway Action None Recommended Action None Revi...

Страница 337: ...igh Availability configuration Revision 1 2 28 14 registerip_failed ID 05600015 Default Severity WARNING Log Message Invalid synchronized translated connection receivedRequest to activate already acti...

Страница 338: ...ID 02400002 Default Severity WARNING Log Message Internal Error Iface iface got NEvent nevent in NState nstate Ignored Explanation Internal error in the OSPF interface neighbor state engine Gateway Ac...

Страница 339: ...ters Rule Name Packet Buffer 2 29 5 bad_ospf_version ID 02400005 Default Severity WARNING Log Message Packet OSPF version is not 2 Explanation Received OSPF packet with other version then 2 Gateway Ac...

Страница 340: ...re in the same area as the attaching interfaces Revision 1 Parameters area Context Parameters Rule Name Packet Buffer 2 29 8 hello_netmask_mismatch ID 02400008 Default Severity WARNING Log Message Hel...

Страница 341: ...l mismatch Received was recv_rtrdead mine is my_rtrdead Dropping Explanation Received OSPF data from a neighboring router with a mismatching router dead interval Gateway Action drop Recommended Action...

Страница 342: ...OSPF routers share the same N flag configuration Revision 1 Parameters recv_n_flag my_n_flag Context Parameters Rule Name Packet Buffer 2 29 13 both_np_and_e_flag_set ID 02400013 Default Severity WAR...

Страница 343: ...Verify that the neighboring OSPF router share the same authentication Revision 1 Parameters recv_auth my_auth Context Parameters Rule Name 2 29 16 bad_auth_password ID 02400051 Default Severity WARNIN...

Страница 344: ...Recommended Action None Revision 1 Parameters recv_seq my_seq Context Parameters Rule Name 2 29 19 bad_auth_crypto_digest ID 02400054 Default Severity WARNING Log Message Authentication mismatch Bad...

Страница 345: ...he MTU on the neighboring OSPF router Revision 1 Parameters neighbor dd_mtu iface_mtu Context Parameters Rule Name 2 29 22 m_ms_mismatch ID 02400101 Default Severity WARNING Log Message Neighbor neigh...

Страница 346: ...ision 1 Parameters neighbor Context Parameters Rule Name 2 29 25 bad_seq_num ID 02400104 Default Severity WARNING Log Message Neighbor neighbor replied with a unexpected sequence number Restarting exc...

Страница 347: ...k neighboring OSPF router configuration Revision 1 Parameters neighbor Context Parameters Rule Name 2 29 28 unknown_lsa ID 02400107 Default Severity WARNING Log Message Neighbor neighbor implied unkno...

Страница 348: ...uration Revision 1 Parameters maxage def_maxage Context Parameters Rule Name 2 29 31 lsa_checksum_mismatch ID 02400150 Default Severity WARNING Log Message LSA checksum mismatch LSA is discarded Expla...

Страница 349: ...Name 2 29 34 bad_lsa_maxage ID 02400153 Default Severity WARNING Log Message Bad LSA maxage maxage LSA is discarded Explanation Received LSA with a bad max age Gateway Action discard Recommended Acti...

Страница 350: ...ity WARNING Log Message Received LSA LSA lsa ID lsaid AdvRtr lsartr is older then DB copy Discarding received LSA Explanation Received LSA which is older then the copy in the database Gateway Action d...

Страница 351: ..._size_mismatch ID 02400159 Default Severity WARNING Log Message REQ packet LSA size mismatch Parsing aborted Explanation Received OSPF REQ packet with a mismatching LSA size Gateway Action abort Recom...

Страница 352: ...lt Severity CRITICAL Log Message Unable to send ACK Explanation Unable to send acknowledgement Gateway Action alert Recommended Action Check memory consumption Revision 1 Context Parameters Rule Name...

Страница 353: ...erity WARNING Log Message Neighbor neighbor on neighboriface died Explanation Lost connectivity with neighbor router Gateway Action None Recommended Action Check neighbor status and connectivity Revis...

Страница 354: ...2 Default Severity WARNING Log Message Requested LSA size lsasize too big Unable to create LSA Explanation Unable to create LSA since the size is too big Gateway Action None Recommended Action None Re...

Страница 355: ...consumption Revision 1 Parameters ospfproc Context Parameters Rule Name 2 29 52 as_disabled_due_to_mem_alloc_fail ID 02400305 Default Severity CRITICAL Log Message AS disabled due to memory allocatio...

Страница 356: ...sa ID 02400401 Default Severity WARNING Log Message Internal error Unable to find my link connecting to described LSA NetVtxId netvtxid Explanation Unable to find local link to described LSA Gateway A...

Страница 357: ...e 2 29 58 internal_error_unable_to_find_iface_connecting_to_lsa ID 02400404 Default Severity WARNING Log Message Internal error Unable to find my interface connecting to described LSA RtrVtxId rtrvtxi...

Страница 358: ...nded Action Check OSPF interface configuration Revision 1 Parameters ifacetype rtrvtxid Context Parameters Rule Name 2 29 61 internal_error_unable_to_find_lnk_connecting_to_lsa ID 02400407 Default Sev...

Страница 359: ...sendbuffer Explanation Unable to get buffer for sending Gateway Action alert Recommended Action Check buffer consumption Revision 1 Context Parameters Rule Name 2 29 64 failed_to_add_route ID 0240050...

Страница 360: ...s tunnel_type 2 30 2 ip_address_required_but_not_received ID 02500002 Default Severity WARNING Log Message IP address required but not received PPP terminated Explanation Peer refuses to give out an I...

Страница 361: ...ddress required but not received PPP terminated Explanation Peer refuses to give out a primary NBNS address Since reception of a primary NBNS address is required PPP is terminated Gateway Action ppp_t...

Страница 362: ...ed Explanation Peer refuses to use any authentication at all PPP is terminated since we demand authentication Gateway Action ppp_terminated Recommended Action Review the allowed authentication types c...

Страница 363: ...uthentication_failed ID 02500101 Default Severity WARNING Log Message Authentication failed PPP terminated Explanation Authentication failed PPP terminated Gateway Action ppp_terminated Recommended Ac...

Страница 364: ...on mschapv1_username_truncated Recommended Action Reconfigure the endpoints to use a shorter username Revision 1 Parameters tunnel_type 2 30 15 username_too_long ID 02500301 Default Severity WARNING L...

Страница 365: ...Default Severity ERROR Log Message Unsupported authentication server PPP Authentication terminated Explanation Unsupported authentication server PPP Authentication terminated Gateway Action authentic...

Страница 366: ...Gateway Action authentication_terminated Recommended Action None Revision 1 Parameters tunnel_type 2 30 22 MPPE_decrypt_fail ID 02500600 Default Severity ERROR Log Message MPPE decryption resulted in...

Страница 367: ...he interface have been established Gateway Action None Recommended Action None Revision 1 Parameters iface pppoeserver auth ifaceip downtime 2 31 2 pppoe_tunnel_closed ID 02600002 Default Severity NOT...

Страница 368: ...xplanation The PPTP client failed to resolve the DNS name of the remote gateway Gateway Action None Recommended Action Make sure you have configured the DNS name of the remote gateway and the DNS serv...

Страница 369: ...disconnected ID 02700005 Default Severity WARNING Log Message User user is forcibly disconnected Call ID callid Remote gateway remotegw Explanation The connected client is forcibly disconnected by the...

Страница 370: ...will be closed Gateway Action close_session Recommended Action Make sure the peer is capable of MPPE encryption or disable the MPPE requirement Revision 1 Parameters iface remotegw callid 2 32 8 pptp...

Страница 371: ...eters iface type callid remotegw 2 32 11 failure_init_radius_accounting ID 02700011 Default Severity WARNING Log Message Failed to send Accounting Start to RADIUS Accounting Server Accouting will be d...

Страница 372: ...completed for session callid on iface connected to remotegw Auth auth MPPE mppe Explanation The PPP negotiation has completed successfully for this session The specified interface remote gateway and c...

Страница 373: ...t iface started connecting to server on remotegw Explanation A PPTP client has initiated the connection to its remote gateway Gateway Action None Recommended Action None Revision 1 Parameters iface re...

Страница 374: ...lanation A remote PPTP server refused to establish PPTP control connection Gateway Action None Recommended Action Read the reason specified by the PPTP server This might give a clue why the PPTP serve...

Страница 375: ...ording to the specified userauth rule Gateway Action None Recommended Action Make sure the userauth rules are configured correctly Revision 1 Parameters rule iface remotegw 2 32 23 unknown_pptp_auth_s...

Страница 376: ...code error_code Explanation A malformed packet was received by the PPTP interface Gateway Action None Recommended Action None Revision 1 Parameters iface remotegw error_code 2 32 26 waiting_for_ip_to...

Страница 377: ...segment with an invalid checksum was received The segment will be dropped Gateway Action drop Recommended Action None Revision 1 Context Parameters Connection 2 33 3 mismatching_data_in_overlapping_t...

Страница 378: ...et The packet that triggered the need to send a packet will be dropped Gateway Action drop Recommended Action Check buffer consumption Revision 1 2 33 6 failed_to_send_ack ID 04800008 Default Severity...

Страница 379: ...y subsystem has reached the maximum number of concurrent connections Gateway Action none Recommended Action Consider increasing the setting Reassembly_MaxConnections Revision 1 Context Parameters Conn...

Страница 380: ...ARNING Log Message Interface iface Table table Net net Unable to open conn for PING trying again later Explanation Unable to open a connection to verify the status of the route Will try again later Ga...

Страница 381: ...ameters iface table net gateway 2 34 5 unable_to_register_pingmon ID 04100005 Default Severity ERROR Log Message Interface iface Table table Net net Route no longer monitored via PING unable to regist...

Страница 382: ...ARP reply from the gateway Gateway Action route_enabled Recommended Action None Revision 1 Parameters iface table net gateway 2 34 8 unable_to_register_arp_monitor ID 04100008 Default Severity ERROR...

Страница 383: ...eason all associated routes disabled Explanation The interface has no link and all associated routes has been disabled Gateway Action associated_routes_disabled Recommended Action None Revision 2 Para...

Страница 384: ...face Table table Net net Route no longer monitored unable to register interface monitor Explanation Internal Error Route is no longer monitored Unable to register Interface Monitor Gateway Action disa...

Страница 385: ...Interface iface Table table Net net Route enabled host monitoring successful Explanation Route is available Host monitoring successful Gateway Action route_enabled Recommended Action None Revision 1...

Страница 386: ...IP address verfied according to ACCESS section Explanation The IP address was verified according to the ACCESS section Gateway Action access_allow Recommended Action None Revision 1 Context Parameters...

Страница 387: ...tion The destination address was the 0 net which is not allowed according to the configuration The packet is dropped Gateway Action drop Recommended Action Investigate why this traffic had the 0 net a...

Страница 388: ...The destination address was the 127 net which is allowed according to the configuration The packet is accepted Gateway Action accept Recommended Action If this type of traffic should be dropped modify...

Страница 389: ...vlanid Dropping Explanation The unit received a VLAN packet with an unknown tag and the packet is dropped Gateway Action drop Recommended Action None Revision 2 Parameters vlanid Context Parameters R...

Страница 390: ...14 unhandled_local ID 06000060 Default Severity NOTICE Log Message Allowed but unhandled packet to the firewall Dropping Explanation A packet directed to the unit itself was received The packet is al...

Страница 391: ...on_denied ID 04900002 Default Severity WARNING Log Message New session denied for User user Database database IP ip Type type Explanation New session denied in Session Manager Gateway Action remove_se...

Страница 392: ...n_timeout ID 04900005 Default Severity NOTICE Log Message Session has timed out for User user Database database IP ip Type type Explanation Session has timed out and will be removed Gateway Action rem...

Страница 393: ...ision 1 Parameters user database ip type 2 36 8 sesmgr_session_maximum_reached ID 04900008 Default Severity WARNING Log Message Maximum number of sessions reached Explanation Maximum number of session...

Страница 394: ...Database database IP ip Type type Explanation Session has been disabled Gateway Action none Recommended Action None Revision 1 Parameters user database ip type 2 36 12 sesmgr_console_denied_init ID 04...

Страница 395: ...lt Severity NOTICE Log Message Old session disconnected to be replaced for User user Database database IP ip Type type Explanation Old session disconnected and is being replaced by a new session for t...

Страница 396: ...y NOTICE Log Message Sending technical support file Explanation Technical support file created and is being sent to user Gateway Action techsupport_created Recommended Action None Revision 1 2 36 16 s...

Страница 397: ...Action None Revision 1 Parameters server_ip Context Parameters Rule Name 2 37 2 server_offline ID 02900002 Default Severity WARNING Log Message SLB Server server_ip is offline according to monitor Exp...

Страница 398: ...002 Default Severity WARNING Log Message Timeout connecting to SMTP server smtp_server Send aborted Explanation The unit timed out while trying to establish a connection to the SMTP server No SMTP Log...

Страница 399: ...SMTP Log will be sent Gateway Action abort_sending Recommended Action Verify that a SMTP Server is configured to accept connections from the unit Revision 1 Parameters smtp_server 2 38 6 rejected_ehlo...

Страница 400: ...SMTP server is configured to accept this recipient Revision 1 Parameters smtp_server recipient 2 38 9 rejected_all_recipients ID 03000010 Default Severity WARNING Log Message SMTP server smtp_server r...

Страница 401: ...y WARNING Log Message SMTP server smtp_server rejected message text Send aborted Explanation The SMTP server rejected the message text No SMTP Log will be sent Gateway Action None Recommended Action V...

Страница 402: ...on If this sender IP address should have SNMP access to the unit this should be configured in the ACCESS section Revision 1 Parameters peer Context Parameters Connection 2 39 2 invalid_snmp_community...

Страница 403: ...error when exchanging keys with client client Explanation A Diffie Hellman Key Exchange Failure occured when keys were exchanged with the client Connection will be closed Gateway Action close Recomme...

Страница 404: ...None Revision 1 2 40 6 invalid_service_request ID 04700015 Default Severity WARNING Log Message Error processing service request from client client Explanation Failed to process service request sent...

Страница 405: ...lient 2 40 9 max_auth_tries_reached ID 04700030 Default Severity ERROR Log Message Maximum authentication re tries reached for client client Explanation User failed to authenticate within the maximum...

Страница 406: ...it is set too low Revision 1 Parameters inactivetime client 2 40 12 rsa_sign_verification_failed ID 04700050 Default Severity ERROR Log Message RSA signature verification for client client failed Exp...

Страница 407: ...The client is trying to authenticate using a Public Key Algorithm which is either not supported or not enabled Gateway Action close Recommended Action If the algorithm is supported by unit configure t...

Страница 408: ...ion Explanation The SSH connection is no longer valid The might be a result of a remotes object being changed to no longer allow the SSH connection Closing connection Gateway Action close Recommended...

Страница 409: ...2 40 19 scp_failed_not_admin ID 04704000 Chapter 2 Log Message Reference 409...

Страница 410: ...Action Install a license Revision 1 Parameters shutdown 2 41 2 demo_mode ID 03200021 Default Severity ALERT Log Message This copy of D Link Firewall is in DEMO mode Firewall core will halt in time se...

Страница 411: ...og Message Failed to verify IP address as per ACCESS section Dropping Explanation The IP address was not verified according to the ACCESS section Gateway Action drop Recommended Action None Revision 1...

Страница 412: ...atchdog_chip watchdog_timeout 2 41 9 port_bind_failed ID 03200300 Default Severity ALERT Log Message Out of memory while tying to allocate dynamic port for local IP localip to destination IP destip Ex...

Страница 413: ...ed Action None Revision 1 Parameters localip destip 2 41 12 port_llm_conversion ID 03200303 Default Severity NOTICE Log Message Using Low Load Mode for Local IP localip Destination IP destip pair Expl...

Страница 414: ...is is normal activity the LogSendPerSec setting might be set too low Revision 1 Parameters logcnt 2 41 15 ssl_encryption_failed ID 03200450 Default Severity ERROR Log Message Encryption failed Explana...

Страница 415: ...Parameters file 2 41 18 file_open_failed ID 03200602 Default Severity ERROR Log Message Failed to open newly uploaded configuration file new_cfg Explanation The unit failed to open the uploaded config...

Страница 416: ...onfiguration and will continue to use the present configuration Gateway Action None Recommended Action Consult the recommended action in the previous log message which contained a more detailed error...

Страница 417: ...onds Reason reason Explanation The unit is shutting down Gateway Action shutdown Recommended Action None Revision 1 Parameters shutdown time reason 2 41 25 shutdown ID 03201010 Default Severity NOTICE...

Страница 418: ...requested Gateway Action reconfiguration Recommended Action None Revision 1 Parameters username userdb client_ip config_system 2 41 28 reconfiguration ID 03201021 Default Severity NOTICE Log Message...

Страница 419: ...t uptime uptime Using configuration file cfgfile localcfgver localcfgver remotecfgver remotecfgver Previous shutdown previous_shutdown Explanation The Security Gateway is starting up echo Gateway Acti...

Страница 420: ...ssage Administrative user username logged out via authsystem Access level access_level Explanation An adminsitrative user has logged out from the configuration system Gateway Action None Recommended A...

Страница 421: ...mended Action Make sure that the new configuration allows the unit to establish a connection with the administration interface Revision 1 Parameters authsystem 2 41 36 accept_configuration ID 03204001...

Страница 422: ...al Date and Time of the unit has been changed Gateway Action using_new_date_time Recommended Action None Revision 2 Parameters authsystem user pre_change_date_time post_change_date_time 2 41 39 admin_...

Страница 423: ...nal_error ID 03206002 Default Severity WARNING Log Message Internal error occured when administrative user username tried to login not allowed access via authsystem Explanation An internal error occur...

Страница 424: ...text Parameters Rule Name Packet Buffer 2 42 2 tcp_flags_set ID 03300002 Default Severity WARNING Log Message The TCP good_flag and bad_flag flags are set Stripping bad_flag flag Explanation The possi...

Страница 425: ...r 2 42 5 tcp_null_flags ID 03300005 Default Severity NOTICE Log Message Packet has no SYN ACK FIN or RST flag set Explanation The packet has no SYN ACK FIN or RST flag set Ignoring Gateway Action igno...

Страница 426: ...et Gateway Action drop Recommended Action None Revision 1 Parameters bad_flag Context Parameters Rule Name Packet Buffer 2 42 8 unexpected_tcp_flags ID 03300010 Default Severity WARNING Log Message Un...

Страница 427: ...seqno Expected expectseqno Dropping Explanation Mismatching sequence numbers Dropping packet Gateway Action drop Recommended Action None Revision 1 Parameters seqno expectseqno Context Parameters Rul...

Страница 428: ...Parameters Rule Name Connection Packet Buffer 2 42 13 tcp_seqno_too_low ID 03300016 Default Severity DEBUG Log Message TCP sequence number seqno is not in the acceptable range accstart accend Droppin...

Страница 429: ...SYN_SENT Dropping Explanation A TCP segment with the RST flag but not the ACK flag was received during state SYN_SENT The packet will be dropped Gateway Action drop Recommended Action None Revision 1...

Страница 430: ...lt Severity CRITICAL Log Message Out of large TCP send windows Maximum windows max_windows Triggered num_events times last 10 seconds Explanation The TCP stack could not send data since it has run out...

Страница 431: ...the acceptable range accstart accend Dropping Explanation A TCP segment with an unacceptable sequence number was received The packet will be dropped Gateway Action drop Recommended Action None Revisio...

Страница 432: ...me Packet Buffer 2 43 2 tcp_mss_too_low ID 03400002 Default Severity NOTICE Log Message TCP MSS mss too low TCPMSSMin minmss Adjusting Explanation The TCP MSS is too low Adjusting to use the configure...

Страница 433: ...commended Action None Revision 1 Parameters tcpopt mss maxmss Context Parameters Rule Name Packet Buffer 2 43 5 tcp_mss_above_log_level ID 03400005 Default Severity NOTICE Log Message TCP MSS mss high...

Страница 434: ...Option of the specified type Removing it Gateway Action strip Recommended Action None Revision 1 Parameters tcpopt Context Parameters Rule Name Packet Buffer 2 43 8 bad_tcpopt_length ID 03400010 Defau...

Страница 435: ...verity WARNING Log Message Type tcpopt bad length optlen Expected expectlen bytes Dropping Explanation The TCP Option type has an invalid length Dropping packet Gateway Action drop Recommended Action...

Страница 436: ...owed ID 03400015 Default Severity WARNING Log Message Packet has a tcpopt TCP option which is disallowed Dropping Explanation The packet has a TCP Option of the specified type Dropping packet Gateway...

Страница 437: ...was received The shift count will be lowered to 14 Explanation A TCP segment with a window scale option specifying a shift count that is larger than 14 was received The shift count will be lowered to...

Страница 438: ...Action adjust Recommended Action None Revision 1 Parameters old new effective Context Parameters Connection Packet Buffer 2 43 17 mismatching_tcp_window_scale ID 03400019 Chapter 2 Log Message Refere...

Страница 439: ...minder_conn_threshold ID 05300101 Default Severity INFORMATIONAL Log Message Reminder Connection threshold description exceeded threshold Source IP srcip Explanation The source ip is still opening up...

Страница 440: ...05300201 Default Severity ERROR Log Message Failed to keep connection count Reason Out of memory Explanation The device was unable to allocate resources needed to include the connection in the connect...

Страница 441: ...old The configured protective measures will be triggered Note This log message is rate limited via an exponential back off procedure Gateway Action protect Recommended Action None Revision 1 Parameter...

Страница 442: ...p Explanation The number of connections matching the threshold rule exceeds the configured threshold The configured protective measures will be triggered Note This log message is rate limited via an e...

Страница 443: ...d Clock not updated Explanation The unit failed to establish a connection with the time sync server The clock has not been updated Gateway Action clock_not_synced Recommended Action Verify that the ti...

Страница 444: ...Revision 1 Parameters clockdrift timeserver interval 2 45 3 clockdrift_too_high ID 03500003 Chapter 2 Log Message Reference 444...

Страница 445: ...meters Rule Name Packet Buffer 2 46 2 enet_hw_sender_broadcast ID 04400411 Default Severity NOTICE Log Message Ethernet hardware sender is a broadcast address Accepting Explanation The Ethernet hardwa...

Страница 446: ...D 04400414 Default Severity NOTICE Log Message Ethernet hardware sender is a multicast address Accepting Explanation The Ethernet hardware sender address is a multicast address The packet will be acce...

Страница 447: ...Revision 1 Context Parameters Rule Name Packet Buffer 2 46 8 relay_stp_frame ID 04400417 Default Severity INFORMATIONAL Log Message Relaying STP frame from recvif to switched interfaces Explanation An...

Страница 448: ...rity INFORMATIONAL Log Message Forwarding MPLS packet from recvif Explanation An incomming MPLS packet has been forwarded through the gateway destif indicates if it was forwarded to an ultimate destin...

Страница 449: ...An incomming MPLS packet has been dropped since it was malformed Gateway Action drop Recommended Action If the packet format is invalid locate the unit which is sending the malformed packet Revision...

Страница 450: ...ceived a RADIUS Accounting START response with an Identifier mismatch Ignoring this packet Explanation The unit received a response with an invalid Identifier mismatch This can be the result of a busy...

Страница 451: ...rt_server_response ID 03700005 Default Severity WARNING Log Message Logging out the authenticated user as no RADIUS Accounting START response was received from RADIUS Accounting server Explanation The...

Страница 452: ...ateway Action None Recommended Action None Revision 1 Context Parameters User Authentication 2 47 8 accounting_stop ID 03700008 Default Severity NOTICE Log Message Successfully received RADIUS Account...

Страница 453: ...Accounting Server Accounting information might not have been propery received by the Accounting Server Gateway Action None Recommended Action Verify that the RADIUS Accounting server daemon is runnin...

Страница 454: ...authenticated user is logged out as an Accounting Start request did not get sent to the Accounting Server This could be a result of missing a route from the unit to the Accounting Server Gateway Acti...

Страница 455: ...ault Severity NOTICE Log Message Delayed user timeout expired user is removed Explanation User did not receive any Accounting Start Response from Radius Gateway Action delayed_user_removed Recommended...

Страница 456: ...recv packetssent packetsrecv gigawrapsent gigawraprecv sestime Context Parameters User Authentication 2 47 19 accounting_interim_failure ID 03700051 Default Severity ALERT Log Message Failed to send A...

Страница 457: ...t not have been updated on the Accounting Server Explanation The unit received an invalid response to an Accounting Interm event from the Accounting Server Accounting information might not have been p...

Страница 458: ...ARNING Log Message This user is already logged in Explanation A user with the same username as an already authenticated user tried to logged in and was rejected Gateway Action disallowed_login Recomme...

Страница 459: ...Explanation The unit did not receive a response from the RADIUS Authentication server and the authentication process failed Gateway Action None Recommended Action Verify that the RADIUS Authentication...

Страница 460: ...Disable the challange and response feature and use password verification instead Revision 1 Context Parameters User Authentication 2 47 31 ldap_auth_error ID 03700109 Default Severity ALERT Log Messa...

Страница 461: ...n 1 Parameters reason 2 47 34 cant_create_new_request ID 03700402 Default Severity ERROR Log Message Can t create new user request Authentication aborted Explanation Can t create new user request Gate...

Страница 462: ...of memory Gateway Action None Recommended Action None Revision 1 Parameters reason 2 47 38 user_req_new_out_of_memory ID 03700406 Default Severity ALERT Log Message Out of memory while trying to alloc...

Страница 463: ...assword from LDAP database database Explanation Cannot retrive the user password from LDAP database making user authentication impossible Gateway Action user authentication failed Recommended Action C...

Страница 464: ...to find out if it is a part of a possible attack or normal traffic Revision 2 Parameters client_ip 2 47 44 bad_packet_order ID 03700502 Default Severity ERROR Log Message Bad SSL Handshake packet ord...

Страница 465: ...Exchange message Closing down SSL connection Explanation The ClientKeyExchange message which is a part of a SSL handshake is invalid and the SSL connection is closed Gateway Action ssl_close Recommend...

Страница 466: ...nection is closed Gateway Action ssl_close Recommended Action None Revision 1 Parameters client_ip 2 47 51 negotiated_cipher_does_not_permit_the_chosen_certificate_size ID 03700509 Default Severity ER...

Страница 467: ...el description 2 47 53 sent_sslalert ID 03700511 Default Severity ERROR Log Message Sent SSL Alert Closing down SSL connection Explanation The unit has sent a SSL Alert message to the client due to so...

Страница 468: ...iption 2 48 2 odm_execute_action_reboot ID 05200002 Default Severity NOTICE Log Message Uploaded file filename was validated as description Rebooting system Explanation An uploaded file was validated...

Страница 469: ...e was validated but could not be executed correctly This could be because the unit is out of disk space or that the disk is corrupt Gateway Action None Recommended Action Check that the disk is intact...

Страница 470: ...ld not be added to the configuration Explanation Certificate data could not be added to the configuration Gateway Action None Recommended Action Make sure that the certificate data is of the correct f...

Страница 471: ...Severity WARNING Log Message Unable to allocate exclude entry for host Explanation Unable to allocate exclude entry Unit is low on memory Gateway Action no_exclude Recommended Action Review the confi...

Страница 472: ...s left on the switch No more hosts can be be blocked excluded on this switch Gateway Action no_block Recommended Action None Revision 1 Parameters switch 2 49 6 failed_to_create_profile ID 03800006 De...

Страница 473: ...orrupted Gateway Action none Recommended Action Verify that the media is intact Revision 1 2 49 9 failed_to_create_access_rule ID 03800009 Default Severity CRITICAL Log Message Failed to create rulety...

Страница 474: ...e configured switch model is correct Revision 1 Parameters type profile switch 2 49 12 failed_to_save_configuration ID 03800012 Default Severity CRITICAL Log Message Failed to save configuration on sw...

Страница 475: ...blocking host host Alert Type type Explanation A configured action of type type has triggered ZoneDefense to block the host host at the configured ZoneDefense switches Gateway Action block Recommende...

Страница 476: ...2 49 14 zd_block ID 03800014 Chapter 2 Log Message Reference 476...

Отзывы:

Нет отзывов