User`s manual
P-660 Series Support Notes
24
All contents copyright © 2005 ZyXEL Communications Corporation.
00> means the LAN-to-WAN default ACL set, <2, 00> means the WAN-to-LAN
default ACL set.
2. What does the log show to us?
The log supports up to 128 entries. There are 2 rows and 5 columns for each entry.
Please see the example shown below.
# Time Packet Information Reason Action
127|Mar 15 0 |From:192.168.1.34 To:202.132.155.93 |default permit |forward
| 03:03:54|ICMP type:00008 code:00000 |<1,00> |
Where <X,Y> stands for <Set number, Rule number>. X=1,2 ; Y=00~10. There are
two policy sets, set 1 for rules checking connections from LAN to WAN and set 2 for
rules checking connections from WAN to LAN. So, X=1 means set 1 and X=2 means
set 2.
Y means the rule in the set. Because we can configure up to 10 rules in a set, so Y can
be from 1 to 10. If the rule number shows 00, it means the Default Rule.
3. How do I view the firewall log?
The log keeps 128 entries, the new entries will overwrite the old entries when the log
has over 128 entries.
After V3.52, all logs generated in P-660, including firewall logs, IPSec logs, system
logs are migrated to centralized logs. So you can view firewall logs in Centralized
logs.
Before you can view firewall logs there are two steps you need to do,
1. Enable log function in Centralized logs setup via either one of the following
methods,
• Web configuration: Advanced/Logs/Log Settings, check Access Control and
Attacks options depending on your real situation.
• CI command: sys logs category [access | attack]
2. Enable log function in firewall default policy or in firewall rules.
After the above two steps, you can view firewall logs via
1. Web Configurator: Advanced/Logs
2. View the log by CI command: sys logs disp