- Kerio WinRoute Firewall Administrator's Guide
20.5 Connection Log
285
• insert StaticRoutes ... — the particular command used to modify the
WinRoute’s configuration database (in this case, a static route was added to the
routing table)
3. Other changes in configuration
A typical example of this record type is the change of traffic rules. When the user
hits Apply in Configuration → Traffic policy, a complete list of current traffic rules
is written to the Config log.
Example:
[18/Apr/2003 12:06:03] Admin - New traffic policy set:
[18/Apr/2003 12:06:03] Admin - 1: name=(ICMP Traffic)
src=(any) dst=(any) service=("Ping")
snat=(any) dnat=(any) action=(Permit)
time_range=(always) inspector=(default)
• [18/Apr/2003 12:06:03] — date and time of the change
• Admin — login name of the user who did the change
• 1: — traffic rule number (rules are numbered top to bottom according to their
position in the table, the numbering starts from 1)
• name=(ICMP Traffic) ... — traffic rule definition (name, source, destination,
service etc.)
Note: The default rule (see chapter
6.1) is marked with default instead of the posi-
tional number.
20.5 Connection Log
Connection logs for traffic rules which are configured to be logged using the Log match-
ing connections option (refer to chapter 66).
How to read the Connection Log?
[18/Apr/2003 10:22:47] [ID] 613181 [Rule] NAT
[Service] HTTP [User] james
[Connection] TCP 192.168.1.140:1193 -> hit.top.com:80
[Duration] 121 sec [Bytes] 1575/1290/2865 [Packets] 5/9/14
• [18/Apr/2003 10:22:47] — date and time when the event was logged (Note: Con-
nection logs are saved immediately after a disconnection)
• [ID] 613181 — WinRoute connection identification number