2.40. IP_OPT

Home Prev	cOS Core 15.00.01 Log Reference Guide	Next

2.40. IP_OPT

These log messages refer to the IP_OPT (Events concerning the IP header options) category.

2.40.1. source_route (ID: 01700001)

Default Severity: NOTICE
Log Message: Packet has a source route
Explanation: The packet has a source route. Ignoring.
Firewall Action: ignore
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.2. timestamp (ID: 01700002)

Default Severity: NOTICE
Log Message: Packet has a timestamp IP Option
Explanation: The packet contains a timestamp IP Option. Ignoring.
Firewall Action: ignore
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.3. router_alert (ID: 01700003)

Default Severity: NOTICE
Log Message: Packet has a router alert IP option
Explanation: The packet contains a router alert IP Option. Ignoring.
Firewall Action: ignore
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.4. ipopt_present (ID: 01700004)

Default Severity: NOTICE
Log Message: IP Option <ipopt>(<optname>) is present
Explanation: The packet contains an IP Option. Ignoring.
Firewall Action: ignore
Recommended Action: None
Revision: 1
Parameters: ipopt
optname
Context Parameters: Rule Name
Packet Buffer

2.40.5. ipoptlen_too_small (ID: 01700010)

Default Severity: WARNING
Log Message: Type <ipopt> is multibyte, available <avail>. Dropping
Explanation: The IP Option type is multi byte which requires two bytes and there is less than two bytes available. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
minoptlen
avail
Context Parameters: Rule Name
Packet Buffer

2.40.6. ipoptlen_invalid (ID: 01700011)

Default Severity: WARNING
Log Message: Type <ipopt> claims len=<optlen>, available=<avail>. Dropping
Explanation: The IP Option type does not fit in the option space. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
optlen
avail
Context Parameters: Rule Name
Packet Buffer

2.40.7. multiple_ip_option_routes (ID: 01700012)

Default Severity: WARNING
Log Message: Multiple source/return routes in IP options. Dropping
Explanation: There are multiple source/return routes specified among the IP Options. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.8. bad_length (ID: 01700013)

Default Severity: WARNING
Log Message: IP Option Type <ipopt>: Bad length <optlen> for <route> Route. Dropping
Explanation: An invalid length is specified for the IP Option type. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
optlen
route
Context Parameters: Rule Name
Packet Buffer

2.40.9. bad_route_pointer (ID: 01700014)

Default Severity: WARNING
Log Message: IP Option Type <ipopt>: Bad Source Route Pointer <routeptr>. Dropping
Explanation: The packet has a Source Route Pointer, which is invalid. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
routeptr
Context Parameters: Rule Name
Packet Buffer

2.40.10. source_route_disallowed (ID: 01700015)

Default Severity: WARNING
Log Message: Source route IP option disallowed. Dropping
Explanation: The packet has a source route, which is disallowed. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.11. multiple_ip_option_timestamps (ID: 01700016)

Default Severity: WARNING
Log Message: Multiple timestamps in IP options. Dropping
Explanation: The packet contains mutliple timestamps in IP Options. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.12. bad_timestamp_len (ID: 01700017)

Default Severity: WARNING
Log Message: IP Option Type <ipopt>: Bad length <optlen>. Dropping
Explanation: The packet contains an IP Option, which has an invalid lengh. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
optlen
Context Parameters: Rule Name
Packet Buffer

2.40.13. bad_timestamp_pointer (ID: 01700018)

Default Severity: WARNING
Log Message: IP Option Type <ipopt>: Bad Timestamp Pointer <tsptr>. Dropping
Explanation: The packet contains an invalid Timestamp Pointer. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
tsptr
Context Parameters: Rule Name
Packet Buffer

2.40.14. bad_timestamp_pointer (ID: 01700019)

Default Severity: WARNING
Log Message: IP Option Type <ipopt>: Bad Timestamp Pointer <tsptr> with overflow <oflo>. Dropping
Explanation: The packet contains an invalid Timestamp Pointer, with Overflow. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
tsptr
oflo
Context Parameters: Rule Name
Packet Buffer

2.40.15. timestamp_disallowed (ID: 01700020)

Default Severity: WARNING
Log Message: Timestamp IP option disallowed. Dropping
Explanation: The packet contains a timestamp IP Option, which is disallowed. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.16. router_alert_bad_len (ID: 01700021)

Default Severity: WARNING
Log Message: IP Option Type <ipopt>: Bad length <optlen>. Dropping
Explanation: Packet contains a router alert IP Option, which has an invalid Length. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
optlen
Context Parameters: Rule Name
Packet Buffer

2.40.17. router_alert_disallowed (ID: 01700022)

Default Severity: WARNING
Log Message: Router Alert IP Option disallowed. Dropping
Explanation: The packet contains a timestamp IP Option, which is disallowed. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.18. ipopt_present_disallowed (ID: 01700023)

Default Severity: WARNING
Log Message: IP Option <ipopt>(<optname>) is present. Dropping
Explanation: The packet contains an IP Option, which is disallowed. Dropping packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: ipopt
optname
Context Parameters: Rule Name
Packet Buffer

2.40.19. invalid_ip6payload_for_jumbo (ID: 01700039)

Default Severity: WARNING
Log Message: Non zero ip6 payload length for jumbo option
Explanation: Received a non zero ip6 payload length jumbo option packet.
Firewall Action: reject
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.20. small_payload (ID: 01700040)

Default Severity: WARNING
Log Message: Jumbo option packet with a payload less than 65535
Explanation: Received a jumbo option packet with a payload less than 65535.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.21. small_payload (ID: 01700041)

Default Severity: WARNING
Log Message: Jumbo option packet with a payload less than 65535
Explanation: Received a jumbo option packet with a payload less than 65535.
Firewall Action: reject
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.22. invalid_ip6payload_for_jumbo (ID: 01700042)

Default Severity: WARNING
Log Message: Non zero ip6 payload length for jumbo option
Explanation: Received a non zero ip6 payload length jumbo option packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.23. recvd_jumbo (ID: 01700043)

Default Severity: WARNING
Log Message: Received a jumbo option packet
Explanation: Received a jumbo option packet.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.24. invalid_order (ID: 01700044)

Default Severity: WARNING
Log Message: Invalid Jumbogram packet option other than in hop by hop header
Explanation: Received a Jumbogram packet other than in hop by hop header.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.25. recvd_jumbo (ID: 01700045)

Default Severity: WARNING
Log Message: Received a jumbo option packet
Explanation: Received a jumbo option packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.26. recvd_jumbo (ID: 01700046)

Default Severity: WARNING
Log Message: Received a jumbo option packet
Explanation: Received a jumbo option packet.
Firewall Action: reject
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.27. rcvd_router_alert (ID: 01700047)

Default Severity: WARNING
Log Message: Received Router Alert option Packet
Explanation: Received Router Alert option Packet.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.28. rcvd_router_alert (ID: 01700048)

Default Severity: WARNING
Log Message: Received Router Alert option Packet
Explanation: Received Router Alert option Packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.29. rcvd_router_alert (ID: 01700049)

Default Severity: WARNING
Log Message: Received Router Alert option Packet
Explanation: Received Router Alert option Packet.
Firewall Action: reject
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.30. invalid_option (ID: 01700050)

Default Severity: WARNING
Log Message: Invalid IPv6 extension header option encountered.
Explanation: The packet contains an IPv6 extension header option of unknown type. The option will be ignored and the rest of the packet will be processed.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.31. invalid_option (ID: 01700051)

Default Severity: WARNING
Log Message: Invalid IPv6 extension header option encountered.
Explanation: The packet contains an IPv6 extension header option of unknown type. The packet will be dropped.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.32. invalid_option (ID: 01700052)

Default Severity: WARNING
Log Message: Invalid IPv6 extension header option encountered.
Explanation: The packet contains an IPv6 extension header option of unknown type. Sending ICMPv6 Parameter Problem to the packet originator.
Firewall Action: send_param_problem
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.40.33. rcvd_ha_Option (ID: 01700053)

Default Severity: WARNING
Log Message: Received Home address option Packet
Explanation: Received Home address option Packet.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.34. rcvd_ha_Option (ID: 01700054)

Default Severity: WARNING
Log Message: Received Home address option Packet
Explanation: Received Home address option Packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.35. rcvd_ha_Option (ID: 01700055)

Default Severity: WARNING
Log Message: Received Home address option Packet
Explanation: Received Home address option Packet.
Firewall Action: reject
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.36. invalid_padN_data (ID: 01700056)

Default Severity: WARNING
Log Message: Option data containing non-zero value
Explanation: Option data containing non-zero value.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.37. invalid_padN_data (ID: 01700057)

Default Severity: WARNING
Log Message: Option data containing non-zero value
Explanation: Option data containing non-zero value.
Firewall Action: strip
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.38. invalid_padN_data (ID: 01700058)

Default Severity: WARNING
Log Message: Option data containing non-zero value
Explanation: Option data containing non-zero value.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.39. invalid_optLen (ID: 01700059)

Default Severity: WARNING
Log Message: Option Length is more than the specified number of bytes 5
Explanation: Option Length is more than the specified number of bytes 5.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: OptLen
Context Parameters: Rule Name

2.40.40. mismatch_ip_eth (ID: 01700060)

Default Severity: WARNING
Log Message: IP and ethernet destination mismatch
Explanation: IP and ethernet destination mismatch.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.41. mismatch_ip_eth (ID: 01700061)

Default Severity: WARNING
Log Message: IP and ethernet destination mismatch
Explanation: IP and ethernet destination mismatch.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.42. invalid_optlen (ID: 01700062)

Default Severity: WARNING
Log Message: Option Length is more than the size of extension header
Explanation: Option Length is more than the size of extension header.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.43. invalid_order (ID: 01700064)

Default Severity: WARNING
Log Message: Invalid Router Alert option other than in hop by hop header
Explanation: Received a Router Alert packet other than in hop by hop header.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.44. invalid_order (ID: 01700065)

Default Severity: WARNING
Log Message: Invalid home address options other than in destination header
Explanation: Received a home address packet other than in destination header.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.45. excessive_padding (ID: 01700066)

Default Severity: WARNING
Log Message: Multiple occurance of Pad1/PadN option
Explanation: Multiple occurance of Pad1/PadN option.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.46. repeated_option (ID: 01700067)

Default Severity: WARNING
Log Message: Received a packet with a repetitive options
Explanation: Received a packet with a repetitive options.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.47. more_optcount (ID: 01700068)

Default Severity: WARNING
Log Message: Number of options more than IP6MaxOPH - <optcount>
Explanation: Received a packet with number of options more than IP6MaxOPH.
Firewall Action: None
Recommended Action: None
Revision: 1
Parameters: optcount
Context Parameters: Rule Name

2.40.48. more_optcount (ID: 01700069)

Default Severity: WARNING
Log Message: Number of options more than IP6MaxOPH - <optcount>
Explanation: Received a packet with number of options more than IP6MaxOPH.
Firewall Action: drop
Recommended Action: None
Revision: 1
Parameters: optcount
Context Parameters: Rule Name

2.40.49. ip6_rhother (ID: 01700070)

Default Severity: WARNING
Log Message: Routing packet with type other than 0 or 2
Explanation: Received Routing packet other than 0 or 2.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.50. ip6_rhother (ID: 01700071)

Default Severity: WARNING
Log Message: Routing packet with type other than 0 or 2
Explanation: Received Routing packet other than 0 or 2.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.51. ip6_rh2 (ID: 01700072)

Default Severity: WARNING
Log Message: Routing header with type 2 packet
Explanation: Received Routing header type 2 packet.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.52. ip6_rh2 (ID: 01700073)

Default Severity: WARNING
Log Message: Routing header with type 2 packet
Explanation: Received Routing header type 2 packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.53. ip6_rh0 (ID: 01700074)

Default Severity: WARNING
Log Message: Routing header with type 0 packet
Explanation: Received Routing header type 0 packet.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.54. ip6_rh0 (ID: 01700075)

Default Severity: WARNING
Log Message: Routing header with type 0 packet
Explanation: Received Routing header type 0 packet.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.55. too_small_packet (ID: 01700076)

Default Severity: WARNING
Log Message: Packet is too small to process
Explanation: The received packet is too small to contain the next header and will be dropped.
Firewall Action: drop
Recommended Action: None
Revision: 2
Context Parameters: Rule Name
Packet Buffer

2.40.56. invalid_extnhdr_order (ID: 01700077)

Default Severity: WARNING
Log Message: Invalid header order
Explanation: Received a packet with invalid header order.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.57. invalid_ip6_exthdr (ID: 01700078)

Default Severity: WARNING
Log Message: Extension header length is greater than IP6ExtHdr Setting
Explanation: The received packet with extension header length is greater than IP6ExtHdr Setting.
Firewall Action: None
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.58. invalid_ip6_exthdr (ID: 01700079)

Default Severity: WARNING
Log Message: Extension header length is greater than IP6ExtHdr Setting
Explanation: The received packet with extension header length is greater than IP6ExtHdr Setting.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

2.40.59. invalid_nextheader (ID: 01700080)

Default Severity: WARNING
Log Message: Unrecognized IPv6 next header.
Explanation: A packet with unrecognized IPv6 Next Header was received.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name

Home Prev