ZyXEL Communications Internet Security Gateway ZyWALL 2 Series User Manual

ZyWALL 2 Series User’s Guide

Log Descriptions

O-9

Chart O-6 Access Logs

LOG MESSAGE

DESCRIPTION

Packet without a NAT

table entry blocked

The router blocked a packet that did not have a corresponding
SUA/NAT table entry.

Out of order TCP

handshake packet

blocked

The router blocked a TCP handshake packet that came out of the
proper order

Drop unsupported/out-

of-order ICMP

The ZyWALL generates this log after it drops an ICMP packet due to
one of the following two reasons:

1. The ZyWALL does not support the ICMP packet's protocol.

2. The ICMP packet is an echo reply for which there was no
corresponding echo request.

Router sent ICMP

response packet

(type:%d, code:%d)

The router sent an ICMP response packet. This packet automatically
bypasses the firewall. See the section on ICMP messages for type
and code details.

Chart O-7 ACL Setting Notes

ACL SET

NUMBER

DIRECTION DESCRIPTION

1

LAN to WAN

ACL set 1 for packets traveling from the LAN to the WAN.

2

WAN to LAN

ACL set 2 for packets traveling from the WAN to the LAN.

7

LAN to
LAN/ZyWALL

ACL set 7 for packets traveling from the LAN to the LAN or the
ZyWALL.

8

WAN to
WAN/ZyWALL

ACL set 8 for packets traveling from the WAN to the WAN or the
ZyWALL.

Chart O-8 ICMP Notes

TYPE CODE

DESCRIPTION

0

Echo Reply

0

Echo reply message