The firewall table

When a loggable event occurs, i.e. an action is taken when a packet is received, or a message is sent by e-mail, syslog or SNMP, this event is recorded in the log table.

Viewing the log table in LANmonitor appears as follows:





Viewing the log table in WEBconfig appears as follows:





The table contains the following values:

Element Meaning
Idx. Sequential index (so that the table can also be polled via SNMP)
System time System time in UTC encoding (converted to cleartext for display)
Source address Source address of the filtered packet
Destination address Destination address of the filtered packet
Prot. Protocol (TCP, UDP, etc.) of the filtered packet
Source port Source port of the filtered packet (only for port related protocols).
Destination port Destination port of the filtered packet (only for port related protocols)
Filter rule Name of the rule that created the entry.
Limit Bit field describing the exceeded limit by which the packet was filtered. The following values are currently defined:
  • 0x01 Absolute number
  • 0x02 Number per second
  • 0x04 Number per minute
  • 0x08 Number per hour
  • 0X10 Global limit
  • 0x20 Byte limit (if not set, it is a packet limit)
  • 0x40 Limit only applies in the inbound direction
  • 0x80 Limit only applies in the outbound direction
Threshold Threshold limit value of the triggering limit
Action Bit field which lists all the actions performed. The following values are currently defined:
  • 0x00000001 Accept
  • 0x00000100 Reject
  • 0x00000200 Connect filter
  • 0x00000400 Internet (default router) filter
  • 0x00000800 Drop
  • 0x00001000 Disconnect
  • 0x00004000 Block source address
  • 0x00020000 Block destination address and port
  • 0x20000000 Send SYSLOG notification
  • 0x40000000 Send SNMP trap
  • 0x80000000 Send e-mail
Note: All firewall actions are also displayed in the IP router trace. Some models also have a firewall LED, which indicates each packet filtered.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo