ZyXEL p-2802h-i1 Manual Do Utilizador
Chapter 22 Logs
P-2802H(W)(L)-I Series User’s Guide
295
Table 119 System Error Logs
LOG MESSAGE
DESCRIPTION
%s exceeds the max.
number of session per
host!
number of session per
host!
This attempt to create a NAT session exceeds the maximum
number of NAT session table entries allowed to be created per
host.
setNetBIOSFilter: calloc
error
error
The router failed to allocate memory for the NetBIOS filter
settings.
readNetBIOSFilter: calloc
error
error
The router failed to allocate memory for the NetBIOS filter
settings.
WAN connection is down.
A WAN connection is down. You cannot access the network
through this interface.
Table 120 Access Control Logs
LOG MESSAGE
DESCRIPTION
Firewall default policy: [ TCP |
UDP | IGMP | ESP | GRE | OSPF ]
<Packet Direction>
UDP | IGMP | ESP | GRE | OSPF ]
<Packet Direction>
Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access
matched the default policy and was blocked or forwarded
according to the default policy’s setting.
Firewall rule [NOT] match:[ TCP
| UDP | IGMP | ESP | GRE | OSPF
] <Packet Direction>, <rule:%d>
| UDP | IGMP | ESP | GRE | OSPF
] <Packet Direction>, <rule:%d>
Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access
matched (or did not match) a configured firewall rule
(denoted by its number) and was blocked or forwarded
according to the rule.
Triangle route packet forwarded:
[ TCP | UDP | IGMP | ESP | GRE |
OSPF ]
[ TCP | UDP | IGMP | ESP | GRE |
OSPF ]
The firewall allowed a triangle route session to pass
through.
Packet without a NAT table entry
blocked: [ TCP | UDP | IGMP |
ESP | GRE | OSPF ]
blocked: [ TCP | UDP | IGMP |
ESP | GRE | OSPF ]
The router blocked a packet that didn't have a
corresponding NAT table entry.
Router sent blocked web site
message: TCP
message: TCP
The router sent a message to notify a user that the router
blocked access to a web site that the user requested.
Table 121 TCP Reset Logs
LOG MESSAGE
DESCRIPTION
Under SYN flood attack,
sent TCP RST
sent TCP RST
The router sent a TCP reset packet when a host was under a SYN
flood attack (the TCP incomplete count is per destination host.)
Exceed TCP MAX
incomplete, sent TCP RST
incomplete, sent TCP RST
The router sent a TCP reset packet when the number of TCP
incomplete connections exceeded the user configured threshold.
(the TCP incomplete count is per destination host.) Note: Refer to
TCP Maximum Incomplete in the Firewall Attack Alerts screen.
Peer TCP state out of
order, sent TCP RST
order, sent TCP RST
The router sent a TCP reset packet when a TCP connection state
was out of order.Note: The firewall refers to RFC793 Figure 6 to
check the TCP state.
Firewall session time
out, sent TCP RST
out, sent TCP RST
The router sent a TCP reset packet when a dynamic firewall
session timed out.Default timeout values:ICMP idle timeout (s):
60UDP idle timeout (s): 60TCP connection (three way
handshaking) timeout (s): 30TCP FIN-wait timeout (s): 60TCP idle
(established) timeout (s): 3600