Rejects, Tcp est reject, Sessions – Compatible Systems 5.4 User Manual

144

Chapter 8 - IntraGuard Firewall Configuration

The event log messages will appear in the log buffer (or wherever log
messages are being sent), only if the global log level is at the same level or a
lower level of importance. This allows you to closely monitor certain events
while excluding events you do not wish to closely monitor from the log.

Logging parameters for the device, including the global log level, are set in
the Logging Configuration Dialog Box, which can be accessed by selecting
Logging from the Device View.

Using the default configuration as an example, if you wish to see log
messages for TCP Resets, which have a default setting of Notice, you would
need to set the Log Level in the Logging Configuration Dialog Box to Notice,
Info or Debug. Any other setting would mean that TCP Resets would not
appear in the log.

Rejects

Rejects messages are created by the firewall whenever an IP packet is rejected
for any reason. The default is Info.

TCP EST Reject

TCP EST Reject messages are created by the firewall whenever an estab-
lished TCP session is rejected. These messages are also created when a TCP
session for which the firewall has not seen the SYN flag is established. The
default is Error.

Sessions

Sessions messages are created by the firewall whenever an IP session is estab-
lished. The default is Error.

TearDown

TearDown messages are created by the firewall whenever an IP session is
torn down. The default is Warning.

IP Timeouts

IP Timeouts messages are created by the firewall whenever a non-TCP
session (i.e. IP or UDP session) is timed out. The default is Warning.

TCP Timeouts

TCP Timeouts messages are created by the firewall whenever a TCP session
is timed out due to inactivity. The default is Alert.

TCP Resets

TCP Resets messages are created by the firewall whenever a TCP session is
reset. The default is Notice.