Firewall > logs page – Motorola SBG940 User Manual
Page 45
Configuration: Basic Gateway TCP/IP Wireless USB
SBG940 User Guide
37
Firewall > LOGS Page
You can use this page to set which firewall events are logged.
If you enable the firewall, the blacklist log is always generated. Any IP address the firewall determines to have
breached the active policy is added to the blacklist log. To view the blacklist log, click blacklist. The firewall blocks
all traffic to and from a blacklisted IP address for 24 hours or until you reboot the SBG940 or manually clear the
blacklist by clicking Clear on the Firewall > LOGS — blacklist page.
Firewall > LOGS page fields
Field or Button
Description
Enable Session Log
Select this box to log every data session from the private LAN that was authorized by the
SBG940 firewall. Usually, the session log displays a history of normal data traffic. It also lists
the start of sessions the firewall terminated because:
•
The policy was changed
•
They were eventually determined to be an intrusion or attack
To display the session log, click session.
Enable Blocking Log
Select this box to log inbound and outbound packets that the SBG940 firewall:
•
Does not allow to pass because they use protocols and/or ports not explicitly allowed by
the active policy
•
Determines to be invalid because of a session or reassembly timeout
To display the blocking log, click blocking.
Enable Intrusion Log
Select this box to log attacks using common network intrusion tactics that the SBG940 firewall
detects and stops.
To display the intrusion log, click intrusion.
Apply
Click to apply your changes.