ZyXEL P-660HW-D1 Guia Do Utilizador
Prestige 660H/HW Series User’s Guide
440
Table 158 TCP Reset Logs
LOG MESSAGE
DESCRIPTION
Under SYN flood attack,
sent TCP RST
sent TCP RST
The router sent a TCP reset packet when a host was under a SYN
flood attack (the TCP incomplete count is per destination host.)
Exceed TCP MAX
incomplete, sent TCP RST
incomplete, sent TCP RST
The router sent a TCP reset packet when the number of TCP
incomplete connections exceeded the user configured threshold.
(the TCP incomplete count is per destination host.) Note: Refer to
TCP Maximum Incomplete in the Firewall Attack Alerts screen.
Peer TCP state out of
order, sent TCP RST
order, sent TCP RST
The router sent a TCP reset packet when a TCP connection state
was out of order.Note: The firewall refers to RFC793 Figure 6 to
check the TCP state.
Firewall session time
out, sent TCP RST
out, sent TCP RST
The router sent a TCP reset packet when a dynamic firewall
session timed out.Default timeout values:ICMP idle timeout (s):
60UDP idle timeout (s): 60TCP connection (three way
handshaking) timeout (s): 30TCP FIN-wait timeout (s): 60TCP idle
(established) timeout (s): 3600
Exceed MAX incomplete,
sent TCP RST
sent TCP RST
The router sent a TCP reset packet when the number of
incomplete connections (TCP and UDP) exceeded the user-
configured threshold. (Incomplete count is for all TCP and UDP
connections through the firewall.)Note: When the number of
incomplete connections (TCP + UDP) > “Maximum Incomplete
High”, the router sends TCP RST packets for TCP connections
and destroys TOS (firewall dynamic sessions) until incomplete
connections < “Maximum Incomplete Low”.
Access block, sent TCP
RST
RST
The router sends a TCP RST packet and generates this log if you
turn on the firewall TCP reset mechanism (via CI command: "sys
firewall tcprst").
Table 159 Packet Filter Logs
LOG MESSAGE
DESCRIPTION
[ TCP | UDP | ICMP | IGMP |
Generic ] packet filter
matched (set: %d, rule: %d)
Generic ] packet filter
matched (set: %d, rule: %d)
Attempted access matched a configured filter rule (denoted by
its set and rule number) and was blocked or forwarded
according to the rule.
Table 160 ICMP Logs
LOG MESSAGE
DESCRIPTION
Firewall default policy: ICMP
<Packet Direction>, <type:%d>,
<code:%d>
<Packet Direction>, <type:%d>,
<code:%d>
ICMP access matched the default policy and was blocked
or forwarded according to the user's setting. For type and
code details,
.
Firewall rule [NOT] match: ICMP
<Packet Direction>, <rule:%d>,
<type:%d>, <code:%d>
<Packet Direction>, <rule:%d>,
<type:%d>, <code:%d>
ICMP access matched (or didn’t match) a firewall rule
(denoted by its number) and was blocked or forwarded
according to the rule. For type and code details,
.