The firewall table

When a loggable event occurs, i.e. an action is taken when a packet is received, or a message is sent by e-mail, syslog or SNMP, this event is recorded in the log table.

Viewing the log table in LANmonitor appears as follows:

Viewing the log table in WEBconfig appears as follows:

The table contains the following values:

Element	Meaning
Idx.	Sequential index (so that the table can also be polled via SNMP)
System time	System time in UTC encoding (converted to cleartext for display)
Source address	Source address of the filtered packet
Destination address	Destination address of the filtered packet
Prot.	Protocol (TCP, UDP, etc.) of the filtered packet
Source port	Source port of the filtered packet (only for port related protocols).
Destination port	Destination port of the filtered packet (only for port related protocols)
Filter rule	Name of the rule that created the entry.
Limit	Bit field describing the exceeded limit by which the packet was filtered. The following values are currently defined: 0x01 Absolute number 0x02 Number per second 0x04 Number per minute 0x08 Number per hour 0X10 Global limit 0x20 Byte limit (if not set, it is a packet limit) 0x40 Limit only applies in the inbound direction 0x80 Limit only applies in the outbound direction
Threshold	Threshold limit value of the triggering limit
Action	Bit field which lists all the actions performed. The following values are currently defined: 0x00000001 Accept 0x00000100 Reject 0x00000200 Connect filter 0x00000400 Internet (default router) filter 0x00000800 Drop 0x00001000 Disconnect 0x00004000 Block source address 0x00020000 Block destination address and port 0x20000000 Send SYSLOG notification 0x40000000 Send SNMP trap 0x80000000 Send e-mail

Note: All firewall actions are also displayed in the IP router trace. Some models also have a firewall LED, which indicates each packet filtered.