Netgear FVX538v1 – ProSafe VPN Firewall Dual WAN with 8-Port 10/100 and 1 Gigabit LAN Port Switch 参照マニュアル

System Logs and Error Messages

C-13

This section is used to configure the logging options for each network segment like LAN-WAN for 
debugging purposes. This may generate a significant volume of log messages.

Message

2007 Oct 1 00:44:17 [FVX538] [kernel] 
[INVALID][OUT_OF_WINDOW][DROP] SRC=192.168.20.10 
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899

Explanation

Packet not in TCP window

Recommended Action

1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:

fw/rules/attackChecks/configure dropInvalid  1

To allow invalid packet and disable logging:

fw/rules/attackChecks/configure dropInvalid  0

Message

2007 Oct 1 00:44:17 [FVX538] [kernel]  
[INVALID][ERR_HELPER_ROUTINE][DROP] SRC=192.168.20.10 
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899

Explanation

Error returned from helper routine

Recommended Action

1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:

fw/rules/attackChecks/configure dropInvalid  1

To allow invalid packet and disable logging:

fw/rules/attackChecks/configure dropInvalid  0

Message

Nov 29 09:19:43 [FVX538] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN 
SRC=192.168.10.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0

Explanation

• This packet from LAN to WAN has been allowed by the firewall.
• For other parameters, refer to 

Recommended Action

None