Home » D-Link Manuals » Network Security & Firewall Devices » D-Link DFL-260E » Manual Viewer

D-Link DFL-260E Log Reference Guide for DFL-260E - Page 31

ALG Module Name, ALG Session ID, Packet Buffer

Add to My Manuals
Save this manual to your list of manuals

Page 31 highlights

1.2. Context Parameters Chapter 1. Introduction 1.2. Context Parameters In many cases, information regarding a certain object is featured in the log message. This can be information about, for example, a connection. In this case, the log message should, besides all the normal log message attributes, also include information about which protocol is used, source and destination IP addresses and ports (if applicable), and so on. As the same information will be included in many log messages, these are referenced as a Context Parameter. So whenever a log message includes information about a connection, it will feature the CONN parameter in the Context Parameter list. This means that additional information about the connection will also be included in the log message. A description of all available context parameters follows with an explanation of all the additional parameters. The names of the additional parameters are specified using the Syslog format. ALG Module Name An ALG is always of a certain type, for example FTP, H323 or HTTP. This parameter specifies the name of the ALG sub-module, in order to quickly distinguish which type of ALG this is. algmod The name of the ALG sub-module. ALG Session ID Each ALG session has its own session ID, which uniquely identifies an ALG session. This is useful, for example, when matching the opening of an ALG session with the closure of the same ALG session. algsesid The session ID of an ALG session. Packet Buffer Information about the packet buffer, which in turn contains a large number of additional objects. Certain parameters may or may not be included, depending on the type of packet buffer. For example, the TCP flags are only included if the buffer contains a TCP protocol, and the ICMP-specific parameters are only included if the buffer contains a ICMP protocol. recvif The name of the receiving interface. [hwsender] The sender hardware address. Valid if the protocol is ARP. [hwdest] The destination hardware address. Valid if the protocol is ARP. [arp] The ARP state. Valid if the protocol is ARP. Possible values: request|reply. [srcip] The source IP Address. Valid if the protocol is not ARP. [destip] The destination IP Address. Valid if the protocol is not ARP. iphdrlen The IP header length. [fragoffs] Fragmentation offset. Valid if the IP packet is fragmented. [fragid] Fragmentation ID. Valid if the IP packet is fragmented. 31

Section	Page
Log Reference Guide	3
Table of Contents	4
Preface	27
Chapter 1. Introduction	29
1.1. Log Message Structure	29
1.2. Context Parameters	31
1.3. Severity levels	35
Chapter 2. Log Message Reference	37
2.1. ALG	38
2.1.1. alg_session_open (ID: 00200001)	38
2.1.2. alg_session_closed (ID: 00200002)	39
2.1.3. max_line_length_exceeded (ID: 00200003)	39
2.1.4. alg_session_allocation_failure (ID: 00200009)	39
2.1.5. invalid_client_http_header_received (ID: 00200100)	40
2.1.6. invalid_url_format (ID: 00200101)	40
2.1.7. unknown_client_data_received (ID: 00200105)	40
2.1.8. suspicious_data_received (ID: 00200106)	41
2.1.9. invalid_chunked_encoding (ID: 00200107)	41
2.1.10. invalid_server_http_header_received (ID: 00200108)	42
2.1.11. compressed_data_received (ID: 00200109)	42
2.1.12. max_http_sessions_reached (ID: 00200110)	42
2.1.13. failed_create_new_session (ID: 00200111)	43
2.1.14. failure_connect_http_server (ID: 00200112)	43
2.1.15. content_type_mismatch (ID: 00200113)	43
2.1.16. wcf_override_full (ID: 00200114)	44
2.1.17. content_filtering_disabled (ID: 00200115)	44
2.1.18. max_download_size_reached (ID: 00200116)	44
2.1.19. blocked_filetype (ID: 00200117)	45
2.1.20. out_of_memory (ID: 00200118)	45
2.1.21. wcf_servers_unreachable (ID: 00200119)	45
2.1.22. wcf_srv_connection_error (ID: 00200120)	46
2.1.23. wcf_server_unreachable (ID: 00200121)	46
2.1.24. wcf_connecting (ID: 00200122)	47
2.1.25. wcf_server_connected (ID: 00200123)	47
2.1.26. wcf_primary_fallback (ID: 00200124)	47
2.1.27. request_url (ID: 00200125)	47
2.1.28. request_url (ID: 00200126)	48
2.1.29. wcf_server_auth_failed (ID: 00200127)	48
2.1.30. wcf_server_bad_reply (ID: 00200128)	49
2.1.31. request_url (ID: 00200129)	49
2.1.32. out_of_memory (ID: 00200130)	49
2.1.33. wcf_bad_sync (ID: 00200131)	50
2.1.34. restricted_site_notice (ID: 00200132)	50
2.1.35. url_reclassification_request (ID: 00200133)	51
2.1.36. request_url (ID: 00200135)	51
2.1.37. request_url (ID: 00200136)	51
2.1.38. request_url (ID: 00200137)	52
2.1.39. restricted_site_notice (ID: 00200138)	52
2.1.40. url_reclassification_request (ID: 00200139)	53
2.1.41. wcf_mem_optimized (ID: 00200140)	53
2.1.42. max_smtp_sessions_reached (ID: 00200150)	54
2.1.43. maximum_email_per_minute_reached (ID: 00200151)	54
2.1.44. failed_create_new_session (ID: 00200152)	54
2.1.45. failed_connect_smtp_server (ID: 00200153)	55
2.1.46. invalid_server_response (ID: 00200155)	55
2.1.47. sender_email_id_mismatched (ID: 00200156)	55
2.1.48. sender_email_id_mismatched (ID: 00200157)	56
2.1.49. sender_email_id_is_in_blacklist (ID: 00200158)	56
2.1.50. recipient_email_id_in_blacklist (ID: 00200159)	56
2.1.51. some_recipient_email_ids_are_in_blocklist (ID: 00200160)	57
2.1.52. base64_decode_failed (ID: 00200164)	57
2.1.53. base64_decode_failed (ID: 00200165)	58
2.1.54. blocked_filetype (ID: 00200166)	58
2.1.55. content_type_mismatch (ID: 00200167)	58
2.1.56. max_email_size_reached (ID: 00200170)	59
2.1.57. content_type_mismatch_mimecheck_disabled (ID: 00200171)	59
2.1.58. all_recipient_email_ids_are_in_blocklist (ID: 00200172)	60
2.1.59. out_of_memory (ID: 00200175)	60
2.1.60. invalid_end_of_mail (ID: 00200176)	60
2.1.61. dnsbl_init_error (ID: 00200177)	61
2.1.62. cmd_too_long (ID: 00200179)	61
2.1.63. cmd_empty (ID: 00200180)	61
2.1.64. failed_send_reply_code (ID: 00200181)	62
2.1.65. smtp_no_header (ID: 00200184)	62
2.1.66. unsupported_extension (ID: 00200185)	62
2.1.67. cmd_pipelined (ID: 00200186)	63
2.1.68. smtp_state_violation (ID: 00200190)	63
2.1.69. sender_email_dnsbl_spam_mark_removed_by_whitelist (ID: 00200195)	63
2.1.70. illegal_data_direction (ID: 00200202)	64
2.1.71. hybrid_data (ID: 00200206)	64
2.1.72. hybrid_data (ID: 00200209)	65
2.1.73. illegal_chars (ID: 00200210)	65
2.1.74. control_chars (ID: 00200211)	65
2.1.75. illegal_command (ID: 00200212)	66
2.1.76. illegal_command (ID: 00200213)	66
2.1.77. port_command_disabled (ID: 00200214)	66
2.1.78. illegal_command (ID: 00200215)	67
2.1.79. illegal_ip_address (ID: 00200216)	67
2.1.80. illegal_port_number (ID: 00200217)	68
2.1.81. failed_to_create_connection1 (ID: 00200218)	68
2.1.82. illegal_command (ID: 00200219)	69
2.1.83. illegal_direction1 (ID: 00200220)	69
2.1.84. illegal_direction2 (ID: 00200221)	69
2.1.85. illegal_option (ID: 00200222)	70
2.1.86. illegal_option (ID: 00200223)	70
2.1.87. unknown_option (ID: 00200224)	71
2.1.88. illegal_command (ID: 00200225)	71
2.1.89. unknown_command (ID: 00200226)	71
2.1.90. illegal_reply (ID: 00200228)	72
2.1.91. illegal_reply (ID: 00200230)	72
2.1.92. illegal_reply (ID: 00200231)	73
2.1.93. illegal_reply (ID: 00200232)	73
2.1.94. bad_port (ID: 00200233)	73
2.1.95. bad_ip (ID: 00200234)	74
2.1.96. failed_to_create_connection2 (ID: 00200235)	74
2.1.97. failed_to_create_server_data_connection (ID: 00200236)	75
2.1.98. failed_to_send_port (ID: 00200237)	75
2.1.99. failed_to_register_rawconn (ID: 00200238)	76
2.1.100. failed_to_merge_conns (ID: 00200239)	76
2.1.101. max_ftp_sessions_reached (ID: 00200241)	76
2.1.102. failed_create_new_session (ID: 00200242)	77
2.1.103. failure_connect_ftp_server (ID: 00200243)	77
2.1.104. content_type_mismatch (ID: 00200250)	77
2.1.105. failed_to_send_command (ID: 00200251)	78
2.1.106. resumed_compressed_file_transfer (ID: 00200252)	78
2.1.107. blocked_filetype (ID: 00200253)	78
2.1.108. resumed_compressed_file_transfer (ID: 00200254)	79
2.1.109. failed_to_send_response_code (ID: 00200255)	79
2.1.110. illegal_command (ID: 00200267)	79
2.1.111. unknown_state (ID: 00200300)	80
2.1.112. invalid_message (ID: 00200301)	80
2.1.113. decode_failed (ID: 00200302)	80
2.1.114. encode_failed (ID: 00200303)	81
2.1.115. encode_failed (ID: 00200304)	81
2.1.116. encode_failed (ID: 00200305)	82
2.1.117. decode_failed (ID: 00200306)	82
2.1.118. encode_failed (ID: 00200307)	82
2.1.119. max_tcp_data_connections_exceeded (ID: 00200308)	83
2.1.120. max_connections_per_call_exceeded (ID: 00200309)	83
2.1.121. ignoring_channel (ID: 00200310)	84
2.1.122. com_mode_response_message_not_translated (ID: 00200311)	84
2.1.123. max_h323_session_reached (ID: 00200312)	84
2.1.124. failed_create_new_session (ID: 00200313)	85
2.1.125. max_h323_gk_sessions_reached (ID: 00200314)	85
2.1.126. failed_create_new_session (ID: 00200315)	85
2.1.127. failure_connect_h323_server (ID: 00200316)	86
2.1.128. com_mode_command_message_not_translated (ID: 00200317)	86
2.1.129. packet_failed_initial_test (ID: 00200350)	86
2.1.130. packet_failed_traversal_test (ID: 00200351)	87
2.1.131. command_not_allowed (ID: 00200353)	87
2.1.132. option_value_invalid (ID: 00200354)	88
2.1.133. option_value_invalid (ID: 00200355)	88
2.1.134. option_tsize_invalid (ID: 00200356)	88
2.1.135. unknown_option_blocked (ID: 00200357)	89
2.1.136. option_tsize_invalid (ID: 00200358)	89
2.1.137. unknown_option_blocked (ID: 00200359)	89
2.1.138. option_not_sent (ID: 00200360)	90
2.1.139. option_value_invalid (ID: 00200361)	90
2.1.140. option_value_invalid (ID: 00200362)	90
2.1.141. blksize_out_of_range (ID: 00200363)	91
2.1.142. max_tftp_sessions_reached (ID: 00200364)	91
2.1.143. failed_create_new_session (ID: 00200365)	92
2.1.144. invalid_packet_received (ID: 00200366)	92
2.1.145. failed_create_connection (ID: 00200367)	92
2.1.146. invalid_packet_received_reopen (ID: 00200368)	93
2.1.147. packet_out_of_sequence (ID: 00200369)	93
2.1.148. transfer_size_exceeded (ID: 00200370)	93
2.1.149. options_removed (ID: 00200371)	94
2.1.150. failed_strip_option (ID: 00200372)	94
2.1.151. failed_create_connection (ID: 00200373)	94
2.1.152. invalid_error_message_received (ID: 00200374)	95
2.1.153. max_pop3_sessions_reached (ID: 00200380)	95
2.1.154. failed_create_new_session (ID: 00200381)	96
2.1.155. failed_connect_pop3_server (ID: 00200382)	96
2.1.156. out_of_memory (ID: 00200383)	96
2.1.157. blocked_filetype (ID: 00200384)	97
2.1.158. response_blocked_unknown (ID: 00200385)	97
2.1.159. base64_decode_failed (ID: 00200386)	97
2.1.160. possible_invalid_mail_end (ID: 00200387)	98
2.1.161. command_blocked_invalid_len (ID: 00200388)	98
2.1.162. response_blocked_invalid_len (ID: 00200389)	98
2.1.163. content_type_mismatch (ID: 00200390)	99
2.1.164. content_type_mismatch_mimecheck_disabled (ID: 00200391)	99
2.1.165. command_blocked_invalid_argument (ID: 00200392)	100
2.1.166. command_blocked (ID: 00200393)	100
2.1.167. unknown_command_blocked (ID: 00200394)	100
2.1.168. unexpected_mail_end (ID: 00200396)	101
2.1.169. invalid_line_endings (ID: 00200397)	101
2.1.170. top_mail_end_blocked (ID: 00200398)	101
2.1.171. max_tls_sessions_reached (ID: 00200450)	102
2.1.172. failed_create_new_session (ID: 00200451)	102
2.1.173. failure_connect_http_server (ID: 00200452)	102
2.1.174. tls_alert_received (ID: 00200453)	103
2.1.175. tls_renegotiation_attempted (ID: 00200454)	103
2.1.176. tls_alert_sent (ID: 00200455)	104
2.1.177. tls_cipher_suite_certificate_mismatch (ID: 00200456)	104
2.1.178. ssl_renegotiation_attempted (ID: 00200457)	104
2.1.179. tls_disallowed_key_exchange (ID: 00200458)	105
2.1.180. tls_invalid_message (ID: 00200459)	105
2.1.181. tls_bad_message_order (ID: 00200460)	105
2.1.182. tls_no_shared_cipher_suites (ID: 00200461)	106
2.1.183. tls_out_of_memory (ID: 00200462)	106
2.1.184. tls_failed_to_verify_finished (ID: 00200463)	107
2.1.185. unknown_tls_error (ID: 00200464)	107
2.1.186. sdp_message_parsing_failed (ID: 00200501)	107
2.1.187. sdp_message_validation_failed (ID: 00200502)	108
2.1.188. sip_message_parsing_failed (ID: 00200503)	108
2.1.189. sip_message_validation_failed (ID: 00200504)	109
2.1.190. max_sessions_per_uri_reached (ID: 00200505)	109
2.1.191. registration_hijack_detected (ID: 00200506)	109
2.1.192. sip_signal_timeout (ID: 00200507)	110
2.1.193. sip_request_response_timeout (ID: 00200508)	110
2.1.194. registration_time_modified (ID: 00200509)	111
2.1.195. unsuccessful_registration (ID: 00200510)	111
2.1.196. unsuccessful_unregistration (ID: 00200511)	112
2.1.197. unsuccessful_search_in_registration_table (ID: 00200512)	112
2.1.198. sipalg_session_created (ID: 00200513)	113
2.1.199. failed_to_create_session (ID: 00200514)	113
2.1.200. failed_to_find_session (ID: 00200515)	113
2.1.201. sipalg_session_deleted (ID: 00200516)	114
2.1.202. sipalg_session_state_updated (ID: 00200517)	114
2.1.203. sipalg_transaction_created (ID: 00200520)	115
2.1.204. failed_to_create_new_transaction (ID: 00200521)	115
2.1.205. failed_to_find_transaction (ID: 00200522)	115
2.1.206. sipalg_transaction_deleted (ID: 00200523)	116
2.1.207. sipalg_transaction_state_updated (ID: 00200524)	116
2.1.208. no_route_found (ID: 00200526)	117
2.1.209. failed_to_get_free_port (ID: 00200527)	117
2.1.210. failed_to_find_role (ID: 00200528)	118
2.1.211. failed_to_update_port (ID: 00200529)	118
2.1.212. failed_to_update_contact (ID: 00200530)	118
2.1.213. failed_to_modify_sdp_message (ID: 00200531)	119
2.1.214. failed_to_modify_via (ID: 00200532)	119
2.1.215. failed_to_modify_from (ID: 00200533)	120
2.1.216. failed_to_modify_request_uri (ID: 00200534)	120
2.1.217. failed_to_modify_request (ID: 00200535)	120
2.1.218. method_not_supported (ID: 00200536)	121
2.1.219. general_error (ID: 00200537)	121
2.1.220. third_party_call_control (ID: 00200538)	122
2.1.221. out_of_memory (ID: 00200539)	122
2.1.222. null_sip_message_received (ID: 00200540)	122
2.1.223. user_registered (ID: 00200541)	123
2.1.224. user_unregistered (ID: 00200542)	123
2.1.225. dns_resolution_failed (ID: 00200545)	123
2.1.226. failed_to_modify_contact (ID: 00200547)	124
2.1.227. invalid_udp_packet (ID: 00200548)	124
2.1.228. failed_to_parse_media (ID: 00200549)	124
2.1.229. max_session_per_service_reached (ID: 00200550)	125
2.1.230. max_tsxn_per_session_reached (ID: 00200551)	125
2.1.231. invalid_transaction_state (ID: 00200552)	126
2.1.232. invalid_session_state (ID: 00200553)	126
2.1.233. sipalg_callleg_created (ID: 00200554)	127
2.1.234. failed_to_create_new_callleg (ID: 00200555)	127
2.1.235. failed_to_find_callleg (ID: 00200556)	127
2.1.236. failed_to_update_callleg (ID: 00200557)	128
2.1.237. sipalg_callleg_deleted (ID: 00200558)	128
2.1.238. failed_to_modify_response (ID: 00200559)	129
2.1.239. sipalg_callleg_state_updated (ID: 00200560)	129
2.1.240. failed_to_modify_sat_request (ID: 00200561)	130
2.1.241. max_pptp_sessions_reached (ID: 00200601)	130
2.1.242. failed_create_new_session (ID: 00200602)	130
2.1.243. failed_connect_pptp_server (ID: 00200603)	131
2.1.244. pptp_tunnel_established_client (ID: 00200604)	131
2.1.245. pptp_tunnel_removed_client (ID: 00200605)	131
2.1.246. pptp_tunnel_removed_server (ID: 00200606)	132
2.1.247. pptp_session_established (ID: 00200607)	132
2.1.248. pptp_session_removed (ID: 00200608)	132
2.1.249. pptp_malformed_packet (ID: 00200609)	133
2.1.250. pptp_tunnel_established_server (ID: 00200610)	133
2.2. ANTISPAM	134
2.2.1. recipient_email_changed_to_drop_address (ID: 05900196)	134
2.2.2. dnsbl_allocate_error (ID: 05900800)	134
2.2.3. dnsbl_ipcache_add (ID: 05900810)	134
2.2.4. dnsbl_ipcache_remove (ID: 05900811)	135
2.2.5. dnsbl_session_add (ID: 05900812)	135
2.2.6. dnsbl_session_error (ID: 05900813)	135
2.2.7. dnsbl_ipcache_add (ID: 05900814)	136
2.2.8. dnsbl_disabled (ID: 05900815)	136
2.2.9. dnsbl_active (ID: 05900816)	136
2.2.10. dnsbl_query_add (ID: 05900817)	137
2.2.11. dnsbl_blacklist_disable (ID: 05900818)	137
2.2.12. dnsbl_txtrecord_truncated (ID: 05900819)	137
2.2.13. dnsbl_record_truncated (ID: 05900820)	138
2.3. ANTIVIRUS	139
2.3.1. virus_found (ID: 05800001)	139
2.3.2. virus_found (ID: 05800002)	139
2.3.3. excluded_file (ID: 05800003)	140
2.3.4. decompression_failed (ID: 05800004)	140
2.3.5. decompression_failed (ID: 05800005)	140
2.3.6. compression_ratio_violation (ID: 05800006)	141
2.3.7. compression_ratio_violation (ID: 05800007)	141
2.3.8. compression_ratio_violation (ID: 05800008)	142
2.3.9. out_of_memory (ID: 05800009)	142
2.3.10. out_of_memory (ID: 05800010)	143
2.3.11. virus_scan_failure (ID: 05800011)	143
2.3.12. virus_scan_failure (ID: 05800012)	143
2.3.13. no_valid_license (ID: 05800015)	144
2.3.14. no_signature_database (ID: 05800016)	144
2.3.15. general_engine_error (ID: 05800017)	144
2.3.16. out_of_memory (ID: 05800018)	145
2.3.17. decompression_failed_encrypted_file (ID: 05800024)	145
2.3.18. decompression_failed_encrypted_file (ID: 05800025)	146
2.3.19. unknown_encoding (ID: 05800182)	146
2.3.20. unknown_encoding (ID: 05800183)	146
2.3.21. unknown_encoding (ID: 05800184)	147
2.3.22. unknown_encoding (ID: 05800185)	147
2.4. ARP	149
2.4.1. already_exists (ID: 00300001)	149
2.4.2. no_sender_ip (ID: 00300002)	149
2.4.3. no_sender_ip (ID: 00300003)	149
2.4.4. arp_response_broadcast (ID: 00300004)	150
2.4.5. arp_response_multicast (ID: 00300005)	150
2.4.6. mismatching_hwaddrs (ID: 00300006)	150
2.4.7. mismatching_hwaddrs_drop (ID: 00300007)	151
2.4.8. hwaddr_change (ID: 00300008)	151
2.4.9. arp_resolution_failed (ID: 00300009)	151
2.4.10. arp_cache_size_limit_reached (ID: 00300030)	152
2.4.11. invalid_arp_sender_ip_address (ID: 00300049)	152
2.4.12. arp_access_allowed_expect (ID: 00300050)	152
2.4.13. impossible_hw_address (ID: 00300051)	153
2.4.14. arp_response_broadcast_drop (ID: 00300052)	153
2.4.15. arp_response_multicast_drop (ID: 00300053)	153
2.4.16. arp_collides_with_static (ID: 00300054)	154
2.4.17. hwaddr_change_drop (ID: 00300055)	154
2.5. AVUPDATE	155
2.5.1. av_db_update_failure (ID: 05000001)	155
2.5.2. av_database_downloaded (ID: 05000002)	155
2.5.3. av_db_already_up_to_date (ID: 05000003)	155
2.5.4. av_db_update_denied (ID: 05000004)	155
2.5.5. av_detects_invalid_system_time (ID: 05000005)	156
2.5.6. downloading_new_database (ID: 05000007)	156
2.5.7. unsynced_databases (ID: 05000008)	156
2.6. BLACKLIST	158
2.6.1. failed_to_write_list_of_blocked_hosts_to_media (ID: 04600001)	158
2.6.2. unable_to_allocate_static_entry (ID: 04600002)	158
2.6.3. unable_to_allocate_host_entry (ID: 04600003)	158
2.6.4. connection_blacklisted (ID: 04600004)	158
2.6.5. packet_blacklisted (ID: 04600005)	159
2.6.6. packet_blacklisted (ID: 04600006)	159
2.7. BUFFERS	161
2.7.1. buffers_flooded (ID: 00500001)	161
2.7.2. buffers_profile (ID: 00500002)	161
2.8. CONN	162
2.8.1. conn_open (ID: 00600001)	162
2.8.2. conn_close (ID: 00600002)	162
2.8.3. connection_table_full (ID: 00600003)	162
2.8.4. conn_open_natsat (ID: 00600004)	163
2.8.5. conn_close_natsat (ID: 00600005)	163
2.8.6. out_of_connections (ID: 00600010)	163
2.8.7. out_of_connections (ID: 00600011)	164
2.8.8. no_new_conn_for_this_packet (ID: 00600012)	164
2.8.9. no_new_conn_for_this_packet (ID: 00600013)	164
2.8.10. no_return_route (ID: 00600014)	165
2.8.11. reverse_connect_attempt (ID: 00600015)	165
2.8.12. port_0_illegal (ID: 00600020)	165
2.8.13. udp_src_port_0_illegal (ID: 00600021)	166
2.8.14. udp_src_port_0_forwarded (ID: 00600022)	166
2.8.15. conn_usage (ID: 00600023)	166
2.8.16. active_data (ID: 00600100)	167
2.8.17. passive_data (ID: 00600101)	167
2.8.18. active_data (ID: 00600102)	167
2.8.19. passive_data (ID: 00600103)	168
2.9. DHCP	169
2.9.1. offered_ip_occupied (ID: 00700001)	169
2.9.2. lease_changed (ID: 00700002)	169
2.9.3. lease_acquired (ID: 00700003)	169
2.9.4. renewed_lease (ID: 00700004)	170
2.9.5. lease_expired (ID: 00700005)	170
2.9.6. invalid_lease_time (ID: 00700007)	170
2.9.7. invalid_server_id (ID: 00700008)	171
2.9.8. invalid_netmask (ID: 00700009)	171
2.9.9. invalid_broadcast (ID: 00700010)	171
2.9.10. invalid_offered_ip (ID: 00700011)	172
2.9.11. invalid_gateway (ID: 00700012)	172
2.9.12. offered_broadcast_equals_gateway (ID: 00700013)	172
2.9.13. ip_collision (ID: 00700014)	173
2.9.14. route_collision (ID: 00700015)	173
2.10. DHCPRELAY	175
2.10.1. unable_to_save_dhcp_relay_list (ID: 00800001)	175
2.10.2. dhcp_relay_list_saved (ID: 00800002)	175
2.10.3. dhcp_pkt_too_small (ID: 00800003)	175
2.10.4. incorrect_bootp_dhcp_cookie (ID: 00800004)	175
2.10.5. maximum_ppm_for_relayer_reached (ID: 00800005)	176
2.10.6. relayer_resuming (ID: 00800006)	176
2.10.7. hop_limit_exceeded (ID: 00800007)	176
2.10.8. client_release (ID: 00800008)	177
2.10.9. got_reply_without_transaction_state (ID: 00800009)	177
2.10.10. maximum_dhcp_client_relay_routes_reached (ID: 00800010)	177
2.10.11. unable_to_add_relay_route_since_out_of_memory (ID: 00800011)	178
2.10.12. ignored_relay_request (ID: 00800012)	178
2.10.13. no_message_type (ID: 00800013)	178
2.10.14. bad_inform_pkt_with_mismatching_source_ip_and_client_ip (ID: 00800014)	179
2.10.15. received_relayed_inform_packet_without_client_ip (ID: 00800015)	179
2.10.16. maximum_current_dhcp_relays_for_iface (ID: 00800016)	179
2.10.17. dhcp_server_is_unroutable (ID: 00800017)	180
2.10.18. unable_to_get_free_transaction_state (ID: 00800018)	180
2.10.19. invalid_gateway (ID: 00800019)	180
2.10.20. relayed_request (ID: 00800020)	181
2.10.21. relayed_request (ID: 00800021)	181
2.10.22. got_reply_on_a_non_security_equivalent_interface (ID: 00800022)	181
2.10.23. assigned_ip_not_allowed (ID: 00800023)	182
2.10.24. illegal_client_ip_assignment (ID: 00800024)	182
2.10.25. ambiguous_host_route (ID: 00800025)	183
2.10.26. relayed_dhcp_reply (ID: 00800026)	183
2.10.27. relayed_bootp_reply (ID: 00800027)	183
2.10.28. relayed_dhcp_reply (ID: 00800028)	184
2.10.29. relayed_bootp_reply (ID: 00800029)	184
2.11. DHCPSERVER	185
2.11.1. unable_to_send_response (ID: 00900001)	185
2.11.2. option_section_is_too_big_unable_to_reply (ID: 00900002)	185
2.11.3. unable_to_save_lease_db (ID: 00900003)	185
2.11.4. lease_db_successfully_saved (ID: 00900004)	185
2.11.5. dhcp_packet_too_small (ID: 00900005)	186
2.11.6. request_for_ip_from_non_bound_client_without_state (ID: 00900006)	186
2.11.7. request_for_ip_from_bound_client_without_state (ID: 00900007)	186
2.11.8. request_for_ip_from_non_bound_client_without_state (ID: 00900008)	187
2.11.9. all_ip_pools_depleted (ID: 00900010)	187
2.11.10. request_with_bad_udp_checksum (ID: 00900011)	187
2.11.11. lease_timeout (ID: 00900012)	188
2.11.12. lease_timeout (ID: 00900013)	188
2.11.13. pool_depleted (ID: 00900014)	188
2.11.14. sending_offer (ID: 00900015)	189
2.11.15. pool_depleted (ID: 00900016)	189
2.11.16. request_for_non_offered_ip (ID: 00900017)	189
2.11.17. request_for_non_bound_ip (ID: 00900018)	190
2.11.18. client_bound (ID: 00900019)	190
2.11.19. client_renewed (ID: 00900020)	190
2.11.20. got_inform_request (ID: 00900021)	191
2.11.21. decline_for_ip_on_wrong_iface (ID: 00900022)	191
2.11.22. decline_for_non_offered_ip (ID: 00900023)	192
2.11.23. declined_by_client (ID: 00900024)	192
2.11.24. request_for_ip_from_bound_client_without_state (ID: 00900025)	192
2.11.25. release_for_ip_on_wrong_iface (ID: 00900026)	193
2.11.26. released_by_client (ID: 00900027)	193
2.12. DYNROUTING	194
2.12.1. failed_to_export_route_to_ospf_process_failed_to_alloc (ID: 01100001)	194
2.12.2. route_exported_to_ospf_as (ID: 01100002)	194
2.12.3. route_unexported_from_ospf_as (ID: 01100003)	194
2.12.4. failed_to_add_route_unable_to_alloc (ID: 01100004)	195
2.12.5. route_added (ID: 01100005)	195
2.12.6. route_removed (ID: 01100006)	195
2.13. FRAG	197
2.13.1. individual_frag_timeout (ID: 02000001)	197
2.13.2. fragact_contains_frags (ID: 02000002)	197
2.13.3. fail_suspect_out_of_resources (ID: 02000003)	197
2.13.4. fail_out_of_resources (ID: 02000004)	198
2.13.5. fail_suspect_timeout (ID: 02000005)	198
2.13.6. fail_timeout (ID: 02000006)	199
2.13.7. disallowed_suspect (ID: 02000007)	199
2.13.8. drop_frags_of_disallowed_packet (ID: 02000008)	199
2.13.9. drop_frags_of_illegal_packet (ID: 02000009)	200
2.13.10. drop_extraneous_frags_of_completed_packet (ID: 02000010)	200
2.13.11. learn_state (ID: 02000011)	201
2.13.12. drop_duplicate_frag_suspect_packet (ID: 02000012)	201
2.13.13. drop_duplicate_frag (ID: 02000013)	202
2.13.14. frag_offset_plus_length_not_in_range (ID: 02000014)	202
2.13.15. no_available_fragacts (ID: 02000015)	202
2.13.16. bad_ipdatalen (ID: 02000016)	203
2.13.17. bad_ipdatalen (ID: 02000017)	203
2.13.18. overlapping_frag (ID: 02000018)	203
2.13.19. bad_offs (ID: 02000019)	204
2.13.20. duplicate_frag_with_different_length (ID: 02000020)	204
2.13.21. duplicate_frag_with_different_data (ID: 02000021)	204
2.13.22. partial_overlap (ID: 02000022)	205
2.13.23. drop_frag_disallowed_suspect_packet (ID: 02000023)	205
2.13.24. drop_frag_disallowed_packet (ID: 02000024)	205
2.13.25. already_completed (ID: 02000025)	206
2.13.26. drop_frag_failed_suspect_packet (ID: 02000026)	206
2.13.27. drop_frag_failed_packet (ID: 02000027)	206
2.13.28. drop_frag_illegal_packet (ID: 02000028)	206
2.13.29. fragments_available_freeing (ID: 02000100)	207
2.14. GRE	208
2.14.1. failed_to_setup_gre_tunnel (ID: 02200001)	208
2.14.2. gre_bad_flags (ID: 02200002)	208
2.14.3. gre_bad_version (ID: 02200003)	208
2.14.4. gre_checksum_error (ID: 02200004)	208
2.14.5. gre_length_error (ID: 02200005)	209
2.14.6. gre_send_routing_loop_detected (ID: 02200006)	209
2.14.7. unmatched_session_key (ID: 02200007)	209
2.14.8. gre_routing_flag_set (ID: 02200008)	210
2.15. HA	211
2.15.1. peer_gone (ID: 01200001)	211
2.15.2. peer_gone (ID: 01200002)	211
2.15.3. conflict_both_peers_active (ID: 01200003)	211
2.15.4. peer_has_higher_local_load (ID: 01200004)	211
2.15.5. peer_has_lower_local_load (ID: 01200005)	212
2.15.6. peer_has_more_connections (ID: 01200006)	212
2.15.7. peer_has_fewer_connections (ID: 01200007)	212
2.15.8. conflict_both_peers_inactive (ID: 01200008)	212
2.15.9. peer_has_more_connections (ID: 01200009)	213
2.15.10. peer_has_fewer_connections (ID: 01200010)	213
2.15.11. peer_alive (ID: 01200011)	213
2.15.12. heartbeat_from_unknown (ID: 01200043)	214
2.15.13. should_have_arrived_on_sync_iface (ID: 01200044)	214
2.15.14. activate_failed (ID: 01200050)	214
2.15.15. merge_failed (ID: 01200051)	215
2.15.16. ha_commit_error (ID: 01200052)	215
2.15.17. ha_write_failed (ID: 01200053)	215
2.15.18. ha_commit_unknown_error (ID: 01200054)	215
2.15.19. linkmon_triggered_failover (ID: 01200055)	216
2.15.20. resync_conns_to_peer (ID: 01200100)	216
2.15.21. hasync_connection_established (ID: 01200200)	216
2.15.22. hasync_connection_disconnected_lifetime_expired (ID: 01200201)	217
2.15.23. hasync_connection_failed_timeout (ID: 01200202)	217
2.15.24. resync_conns_to_peer_complete (ID: 01200300)	217
2.15.25. disallowed_on_sync_iface (ID: 01200400)	217
2.15.26. sync_packet_on_nonsync_iface (ID: 01200410)	218
2.15.27. ttl_too_low (ID: 01200411)	218
2.15.28. heartbeat_from_myself (ID: 01200412)	218
2.15.29. config_sync_failure (ID: 01200500)	219

Match case Limit results 1 per page

1.2. Context Parameters

In many cases, information regarding a certain object is featured in the log message. This can be

information about, for example, a connection. In this case, the log message should, besides all the

normal log message attributes, also include information about which protocol is used, source and

destination IP addresses and ports (if applicable), and so on.

As the same information will be included in many log messages, these are referenced as a

Context

Parameter

. So whenever a log message includes information about a connection, it will feature the

CONN parameter in the Context Parameter list. This means that additional information about the

connection will also be included in the log message.

A description of all available context parameters follows with an explanation of all the additional

parameters. The names of the additional parameters are specified using the Syslog format.

ALG Module Name

An ALG is always of a certain type, for example FTP, H323 or HTTP. This parameter specifies the

name of the ALG sub-module, in order to quickly distinguish which type of ALG this is.

algmod

The name of the ALG sub-module.

ALG Session ID

Each ALG session has its own session ID, which uniquely identifies an ALG session. This is useful,

for example, when matching the opening of an ALG session with the closure of the same ALG

session.

algsesid

The session ID of an ALG session.

Packet Buffer

Information about the packet buffer, which in turn contains a large number of additional objects.

Certain parameters may or may not be included, depending on the type of packet buffer. For

example, the TCP flags are only included if the buffer contains a TCP protocol, and the

ICMP-specific parameters are only included if the buffer contains a ICMP protocol.

recvif

The name of the receiving interface.

[hwsender]

The sender hardware address. Valid if the protocol is ARP.

[hwdest]

The destination hardware address. Valid if the protocol is ARP.

[arp]

The ARP state. Valid if the protocol is ARP. Possible values:

request|reply

[srcip]

The source IP Address. Valid if the protocol is not ARP.

[destip]

The destination IP Address. Valid if the protocol is not ARP.

iphdrlen

The IP header length.

[fragoffs]

Fragmentation offset. Valid if the IP packet is fragmented.

[fragid]

Fragmentation ID. Valid if the IP packet is fragmented.

1.2. Context Parameters

Chapter 1. Introduction