Quick Reference Guide
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-10 System Logs and Error Messages
v1.0, January 2010
Multicast/Broadcast Logs
FTP Logging
Invalid Packet Logging
Table C-16. System Logs: Multicast/Broadcast
Message Jan 1 07:24:13 [FVX538] [kernel] MCAST-BCAST IN=WAN OUT=SELF
SRC=192.168.1.73 DST=192.168.1.255 PROTO=UDP SPT=138 DPT=138
Explanation • This packet (Broadcast) is destined to the device from the WAN network.
• For other parameters, refer to Table C-1.
Recommended Action None
Table C-17. System Logs: FTP
Message Feb 2007 22 14:46:56 [FVX538] [kernel] [FTP-ACTIVE] SRC=192.168.10.211
DST=192.168.1.97 PROTO=TCP SPT=1983 DPT=21
Feb 2007 22 14:46:56 [FVX538] [kernel] [FTP-PASSIVE] SRC=192.168.10.211
DST=192.168.1.97 PROTO=TCP SPT=1984 DPT=21
Feb 2007 22 19:48:17 [FVX538] [kernel] [FTP-DATA][ACCEPT]
SRC=192.168.10.10 DST=192.168.20.10 PROTO=TCP SPT=54879
DPT=6459
Explanation • These packets are active and passive FTP session data transfers
respectively.
• For other parameters, refer to Table C-1.
Recommended Action To enable these logs, from CLI command prompt of the router, enter this
command:
monitor/firewallLogs/logger/loggerConfig logFtp 1
And to disable it,
monitor/firewallLogs/logger/loggerConfig logFtp 0
Table C-18. System Logs: Invalid Packets
Message 2007 Oct 1 00:44:17 [FVX538] [kernel] [INVALID]
[NO_CONNTRACK_ENTRY] [DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation No Connecrtion Tracking entry exists
Recommended Action
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0