1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVX538
    5. /
  5. 44
Page 216 / 240 Scroll up to view Page 211 - 215
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-10
System Logs and Error Messages
v1.0, March 2009
FTP Logging
Invalid Packet Logging
Explanation
This packet (Broadcast) is destined to the device from the WAN network.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Table C-17. System Logs: FTP
Message
Feb 2007 22 14:46:56 [FVX538] [kernel] [FTP-ACTIVE] SRC=192.168.10.211
DST=192.168.1.97 PROTO=TCP SPT=1983 DPT=21
Feb 2007 22 14:46:56 [FVX538] [kernel] [FTP-PASSIVE] SRC=192.168.10.211
DST=192.168.1.97 PROTO=TCP SPT=1984 DPT=21
Feb 2007 22 19:48:17 [FVX538] [kernel] [FTP-DATA][ACCEPT]
SRC=192.168.10.10 DST=192.168.20.10 PROTO=TCP SPT=54879
DPT=6459
Explanation
These packets are active and passive FTP session data transfers
respectively.
For other parameters, refer to
Table C-1
.
Recommended Action
To enable these logs, from CLI command prompt of the router, enter this
command:
monitor/firewallLogs/logger/loggerConfig logFtp 1
And to disable it,
monitor/firewallLogs/logger/loggerConfig logFtp 0
Table C-18. System Logs: Invalid Packets
Message
2007 Oct 1 00:44:17 [FVX538] [kernel] [INVALID]
[NO_CONNTRACK_ENTRY] [DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
No Connecrtion Tracking entry exists
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][RST_PACKET][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Table C-16. System Logs: Multicast/Broadcast
(continued)
Page 217 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
System Logs and Error Messages
C-11
v1.0, March 2009
Explanation
Invalid RST packet
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][ICMP_TYPE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=ICMP TYPE=19 CODE=0
Explanation
Invalid ICMP Type
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][TCP_FLAG_COMBINATION][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Invalid TCP flag combination
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][BAD_CHECKSUM]DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Bad Checksum
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][BAD_HW_CHECKSUM][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=ICMP TYPE=3 CODE=0
Explanation
Bad Hardware Checksum for ICMP packets
Table C-18. System Logs: Invalid Packets (continued)
Page 218 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-12
System Logs and Error Messages
v1.0, March 2009
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
[INVALID][MALFORMED_PACKET][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Malformed packet
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][SHORT_PACKET][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Short packet
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
[INVALID][ INVALID_STATE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Packet with Invalid State
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][REOPEN_CLOSE_CONN][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Attempt to re-open/close session
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Table C-18. System Logs: Invalid Packets (continued)
Page 219 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
System Logs and Error Messages
C-13
v1.0, March 2009
Routing Logs
This section is used to configure the logging options for each network segment like LAN-WAN for
debugging purposes. This may generate a significant volume of log messages.
LAN to WAN Logs
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][OUT_OF_WINDOW][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Packet not in TCP window
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Message
2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][ERR_HELPER_ROUTINE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation
Error returned from helper routine
Recommended Action
1.
Invalid packets are dropped.
2.
Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid
1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid
0
Table C-19. Routing Logs: LAN to WAN
Message
Nov 29 09:19:43 [FVX538] [kernel] LAN2WAN[ACCEPT] IN=LAN OUT=WAN
SRC=192.168.10.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from LAN to WAN has been allowed by the firewall.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Table C-18. System Logs: Invalid Packets (continued)
Page 220 / 240
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-14
System Logs and Error Messages
v1.0, March 2009
LAN to DMZ Logs
DMZ to WAN Logs
WAN to LAN Logs
DMZ to LAN Logs
Table C-20. Routing Logs: LAN to DMZ
Message
Nov 29 09:44:06 [FVX538] [kernel] LAN2DMZ[ACCEPT] IN=LAN OUT=DMZ
SRC=192.168.10.10 DST=192.168.20.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from LAN to DMZ has been allowed by the firewall.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Table C-21. Routing Logs: DMZ to WAN
Message
Nov 29 09:19:43 [FVX538] [kernel] DMZ2WAN[DROP] IN=DMZ OUT=WAN
SRC=192.168.20.10 DST=72.14.207.99 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from DMZ to WAN has been dropped by the firewall.
For other parameters, refer to
Table C-1
.
Recommended Action
None
Table C-22. Routing Logs: WAN to LAN
Message
Nov 29 10:05:15 [FVX538] [kernel] WAN2LAN[ACCEPT] IN=WAN OUT=LAN
SRC=192.168.1.214 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from LAN to WAN has been allowed by the firewall
For other parameters, refer to
Table C-1
.
Recommended Action
None
Table C-23. Routing Logs: DMZ to WAN
Message
Nov 29 09:44:06 [FVX538] [kernel] DMZ2LAN[DROP] IN=DMZ OUT=LAN
SRC=192.168.20.10 DST=192.168.10.10 PROTO=ICMP TYPE=8 CODE=0
Explanation
This packet from DMZ to LAN has been dropped by the firewall.
For other parameters, refer to
Table C-1
.
Recommended Action
None

Rate

4 / 5 based on 1 vote.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top