Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2
D-2
Firewall Log Formats
May 2004, 202-10030-02
The format is:
<DATE> <TIME> <PKT_TYPE> <SRC_IP> <SRC_INF> <DST_IP > <DST_INF>
<ACTION><DESCRIPTION>
[Fri, 2003-12-05 22:19:42] - UDP Packet - Source:172.31.12.233,138 ,WAN -
Destination:172.31.12.255,138 ,LAN [Drop] - [Inbound Default rule match]
[Fri, 2003-12-05 22:35:04] - TCP Packet - Source:172.31.12.156,34239 ,WAN -
Destination:192.168.0.10,21[FTP Control] ,LAN [Forward] - [Inbound Rule(1)
match]
[Fri, 2003-12-05 22:35:11] - UDP Packet - Source:172.31.12.200,138 ,WAN -
Destination:172.31.12.255,138 ,LAN [Forward] - [Inbound Rule(1) not match]
Notes:
SRC_INF = WAN
DST_INF = LAN
DESCRIPTION = "Inbound rule match", "Inbound Default rule match"
PKT_TYPE = "UDP packet", "TCP connection", "ICMP packet"
Inbound Log
Incoming packets that match the Firewall rules are logged.
The format is:
<DATE> <TIME> <PKT_TYPE> <SRC_IP> <SRC_INF> <DST_IP > <DST_INF>
<ACTION><DESCRIPTION>
[Fri, 2003-12-05 22:59:56] - ICMP Packet [Echo Request] - Source:192.168.0.10,LAN
- Destination:192.168.0.1,WAN [Forward] - [Outbound Default rule match]
[Fri, 2003-12-05 23:00:58] - ICMP Packet [Echo Request] - Source:192.168.0.10,LAN
- Destination:172.31.12.200,WAN [Forward] - [Outbound Default rule match]
[Fri, 2003-12-05 23:02:30] - TCP Packet - Source:192.168.0.10,3472 ,LAN -
Destination:216.239.39.99,80[HTTP] ,WAN [Forward] - [Outbound Default rule
match]
Notes:
SRC_INF = LAN
DST_INF = WAN
DESCRIPTION = "Outbound rule match", "Outbound Default rule match"
PKT_TYPE = "UDP packet", "TCP connection", "ICMP packet"
Other IP Traffic
Some special packets matching the Firewall rules, like VPN connection, etc. are logged.