Netgear FVS336Gv2 – ProSafe Dual WAN Gigabit Firewall with SSL & IPSec VPN 참조 매뉴얼
System Logs and Error Messages
658
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
DMZ to LAN Logs
WAN to DMZ Logs
Other Event Logs
The following sections provide information about other event messages:
•
•
•
These sections describe the log messages generated by other events such source MAC
filtering, session limiting, and bandwidth limiting. For information about how to select these
logs, see
filtering, session limiting, and bandwidth limiting. For information about how to select these
logs, see
Session Limit Logs
Table 44. Routing logs: DMZ to WAN
Message
Nov 29 09:44:06 [FVS336Gv2] [kernel] DMZ2LAN[DROP] IN=DMZ OUT=LAN
SRC=192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
SRC=192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
•
This packet from DMZ to LAN is dropped by the firewall.
•
642.
Recommended action
None
Table 45. Routing logs: WAN to DMZ
Message
Nov 29 09:19:43 [FVS336Gv2] [kernel] WAN2DMZ[ACCEPT] IN=WAN OUT=DMZ
SRC=192.168.1.214 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0
SRC=192.168.1.214 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
•
This packet from WAN to DMZ is allowed by the firewall.
•
642.
Recommended action
None
Table 46. Other event logs: session limit logs
Message
2000 Jan 1 06:53:33 [FVS336Gv2] [kernel] SESS_LIMIT[DROP] IN=LAN OUT=
WAN SRC=192.168.11.2 DST=20.0.0.1 PROTO=TCP SPT=50709 DPT=21
WAN SRC=192.168.11.2 DST=20.0.0.1 PROTO=TCP SPT=50709 DPT=21
Explanation
When two FTP sessions are established from the same LAN host at IP address
192.168.11.2 and a session limit (SESS_LIMIT) is set as 1, the FTP packets from
the second session are dropped.
192.168.11.2 and a session limit (SESS_LIMIT) is set as 1, the FTP packets from
the second session are dropped.
Recommended action
Change the session limit to 2 to prevent packets from being dropped.