ZyXEL 2WG 사용자 가이드
Chapter 43 System Information & Diagnosis
ZyWALL 2WG User’s Guide
639
5 Firewall log
43.4.3 Call-Triggering Packet
Call-Triggering Packet displays information about the packet that triggered a dial-out call in
an easy readable format. Equivalent information is available in menu 24.1 in hex format. An
example is shown next.
an easy readable format. Equivalent information is available in menu 24.1 in hex format. An
example is shown next.
Firewall Log Message Format
SdcmdSyslogSend(SYSLOG_FIREWALL, SYSLOG_NOTICE, buf);
buf = IP[Src=xx.xx.xx.xx : spo=xxxx Dst=xx.xx.xx.xx : dpo=xxxx | prot | rule | action]
Src: Source Address
spo: Source port (empty means no source port information)
Dst: Destination Address
dpo: Destination port (empty means no destination port information)
prot: Protocol ("TCP","UDP","ICMP", "IGMP", "GRE", "ESP")
rule: <a,b> where a means "set" number; b means "rule" number.
Action: nothing(N) block (B) forward (F)
08-01-200011:48:41Local1.Notice192.168.10.10RAS: FW 172.16.1.80 :137 ->172.16.1.80
buf = IP[Src=xx.xx.xx.xx : spo=xxxx Dst=xx.xx.xx.xx : dpo=xxxx | prot | rule | action]
Src: Source Address
spo: Source port (empty means no source port information)
Dst: Destination Address
dpo: Destination port (empty means no destination port information)
prot: Protocol ("TCP","UDP","ICMP", "IGMP", "GRE", "ESP")
rule: <a,b> where a means "set" number; b means "rule" number.
Action: nothing(N) block (B) forward (F)
08-01-200011:48:41Local1.Notice192.168.10.10RAS: FW 172.16.1.80 :137 ->172.16.1.80
:137 |UDP|default permit:<2,0>|B
08-01-200011:48:41Local1.Notice192.168.10.10RAS: FW 192.168.77.88 :520 ->192.168.77.88
08-01-200011:48:41Local1.Notice192.168.10.10RAS: FW 192.168.77.88 :520 ->192.168.77.88
:520 |UDP|default permit:<2,0>|B
08-01-200011:48:39Local1.Notice192.168.10.10RAS: FW 172.16.1.50 ->172.16.1.50
08-01-200011:48:39Local1.Notice192.168.10.10RAS: FW 172.16.1.50 ->172.16.1.50
|IGMP<2>|default permit:<2,0>|B
08-01-200011:48:39Local1.Notice192.168.10.10RAS: FW 172.16.1.25 ->172.16.1.25
08-01-200011:48:39Local1.Notice192.168.10.10RAS: FW 172.16.1.25 ->172.16.1.25
|IGMP<2>|default permit:<2,0>|B