Table of Contents
Advertisement
Traffic log message format
Traffic log messages record each connection made to a DFL-1000 interface. Each message records the
date and time at which the connection was made, the source and destination address of the connection,
and whether the connection was accepted or denied by the firewall.
Traffic log messages are created if you select one or more of the following log settings:
•
Log All Internal Traffic to Firewall
•
Log All External Traffic to Firewall
•
Log All DMZ Traffic to Firewall
Traffic log messages are also created when a policy that is set to log traffic processes a connection.
Sample Traffic Log messages:
Traffic log message format
Traffic log message format
Description
Date and time the log message was
recorded
Protocol
Source IP address and port number
Destination IP and port
TCP flag (optional)
Length of traffic packet
Action
Event log message format
Event log messages record changes made to the DFL-1000 configuration using the web-based manager.
Each message records the date and time at which the change was made, a description of the change,
and the IP address of the management computer from which the change was made.
Event log messages are created if you select the Log All Event setting.
DFL-1000 User's Manual
describes the traffic log message format.
Format
YYYY MMM DD
hh:mm:ss
TCP
,
UDP
, or
ICMP
ipaddress:port
ipaddress:port
FIN
SYN
or
LEN=length
ACCEPT
or
DENY
Example
2002 Mar 12
05:03:45
TCP
192.168.1.98:443
192.168.1.23:1199
LEN=40
ACCEPT
Maximum
Length
15 bytes
5 bytes
21 bytes
21 bytes
3 bytes
8 bytes
6 bytes
86
Advertisement
Table of Contents
