DrayTek

How do I decode firewall log entries?

Products:
Vigor 2832
VigorBX 2000
Vigor 2100
Vigor 2110

Keywords:
Diagnostic
Firewall
Logs
Syslog

Advanced users may wish to refer to the router's firewall/packet filtering logs. Each line of the log contains the following fields:

 

  1. System Time
  2. Location (LAN/WAN)
  3. Rule No. (Set:Rule). Root or Group: Rule No. (only active rules are numbered)
  4. Action Taken (No match: n, Block: b, Pass: p)
  5. Source IP/Port
  6. Destination IP/Port (or service name)
  7. Protocol (tcp/udp/icmp etc.)
  8. Header Length (bytes)
  9. Payload Size (Kb)
  10. Packet Type (SYN,ACK,FIN,RST,PUSH,URG etc.)
  11. ACK Number
  12. Sequence Number
  13. Window size (bytes)
  14. Direction (In or Out)
