Quick Reference Guide
ProSafe VPN Firewall 50 FVS338 Reference Manual
B-10 System Logs and Error Messages
v1.0, January 2010
Invalid Packet Logging
Table B-17. System Logs: Invalid Packets
Message 2007 Oct 1 00:44:17 [FVS338] [kernel] [INVALID]
[NO_CONNTRACK_ENTRY] [DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation No Connection Tracking entry exists
Recommended Action
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Message 2007 Oct 1 00:44:17 [FVS338] [kernel]
[INVALID][RST_PACKET][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Invalid RST packet
Recommended Action
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Message 2007 Oct 1 00:44:17 [FVS338] [kernel]
[INVALID][ICMP_TYPE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=ICMP TYPE=19 CODE=0
Explanation Invalid ICMP Type
Recommended Action
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Message 2007 Oct 1 00:44:17 [FVS338] [kernel]
[INVALID][TCP_FLAG_COMBINATION][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Invalid TCP flag combination
Recommended Action
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0