Quick Reference Guide
ProSafe VPN Firewall 200 FVX538 Reference Manual
C-10 System Logs and Error Messages
v1.0, March 2009
FTP Logging
Invalid Packet Logging
Explanation • This packet (Broadcast) is destined to the device from the WAN network.
• For other parameters, refer to Table C-1.
Recommended Action None
Table C-17. System Logs: FTP
Message Feb 2007 22 14:46:56 [FVX538] [kernel] [FTP-ACTIVE] SRC=192.168.10.211
DST=192.168.1.97 PROTO=TCP SPT=1983 DPT=21
Feb 2007 22 14:46:56 [FVX538] [kernel] [FTP-PASSIVE] SRC=192.168.10.211
DST=192.168.1.97 PROTO=TCP SPT=1984 DPT=21
Feb 2007 22 19:48:17 [FVX538] [kernel] [FTP-DATA][ACCEPT]
SRC=192.168.10.10 DST=192.168.20.10 PROTO=TCP SPT=54879
DPT=6459
Explanation • These packets are active and passive FTP session data transfers
respectively.
• For other parameters, refer to Table C-1.
Recommended Action To enable these logs, from CLI command prompt of the router, enter this
command:
monitor/firewallLogs/logger/loggerConfig logFtp 1
And to disable it,
monitor/firewallLogs/logger/loggerConfig logFtp 0
Table C-18. System Logs: Invalid Packets
Message 2007 Oct 1 00:44:17 [FVX538] [kernel] [INVALID]
[NO_CONNTRACK_ENTRY] [DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation No Connecrtion Tracking entry exists
Recommended Action
1. Invalid packets are dropped.
2. Use this command to enable dropping and logging of the invalid packets:
fw/rules/attackChecks/configure dropInvalid 1
To allow invalid packet and disable logging:
fw/rules/attackChecks/configure dropInvalid 0
Message 2007 Oct 1 00:44:17 [FVX538] [kernel]
[INVALID][RST_PACKET][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Table C-16. System Logs: Multicast/Broadcast (continued)