2.58. RULE

Home Prev	cOS Core 15.00.01 Log Reference Guide	Next

2.58. RULE

These log messages refer to the RULE (Events triggered by rules) category.

2.58.1. ruleset_fwdfast (ID: 06000003)

Default Severity: NOTICE
Log Message: Packet statelessly forwarded (fwdfast)
Explanation: The packet matches a rule with a "fwdfast" action and is statelessly forwarded.
Firewall Action: fwdfast
Recommended Action: None
Revision: 1
Context Parameters: Rule Information
Packet Buffer

2.58.2. ip_verified_access (ID: 06000005)

Default Severity: NOTICE
Log Message: IP address verified according to ACCESS section
Explanation: The IP address was verified according to the ACCESS section.
Firewall Action: access_allow
Recommended Action: None
Revision: 2
Context Parameters: Rule Name
Packet Buffer

2.58.3. rule_match (ID: 06000006)

Default Severity: DEBUG
Log Message: GOTO action trigged
Explanation: A rule with a special GOTO action was trigged by an IP-rule lookup. This log message only appears if you explicitly requested it for the rule in question and it is considered of DEBUG severity.
Firewall Action: GOTO
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Rule Information
Packet Buffer

2.58.4. rule_match (ID: 06000007)

Default Severity: DEBUG
Log Message: RETURN action trigged
Explanation: A rule with a special RETURN action was trigged by an IP-rule lookup. This log message only appears if you explicitly requested it for the rule in question and it is considered of DEBUG severity.
Firewall Action: RETURN
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Rule Information
Packet Buffer

2.58.5. block0net (ID: 06000010)

Default Severity: WARNING
Log Message: Destination address is the 0.* net. Dropping
Explanation: The destination address was the 0.* net, which is not allowed according to the configuration. The packet is dropped.
Firewall Action: drop
Recommended Action: Investigate why this traffic had the 0.* net as the destination.
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.6. block0net (ID: 06000011)

Default Severity: WARNING
Log Message: Destination address is the 0.* net. Accepting
Explanation: The destination address was the 0.* net, which is allowed according to the configuration. The packet is accepted.
Firewall Action: accept
Recommended Action: If this type of traffic should be dropped, modify the "Settings" section in the configuration.
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.7. block127net (ID: 06000012)

Default Severity: WARNING
Log Message: Destination address is the 127.* net. Dropping
Explanation: The destination address was the 127.* net, which is not allowed according to the configuration. The packet is dropped.
Firewall Action: drop
Recommended Action: Investigate why this traffic had the 127.* net as the destination.
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.8. block127net (ID: 06000013)

Default Severity: WARNING
Log Message: Destination address is the 127.* net. Accepting
Explanation: The destination address was the 127.* net, which is allowed according to the configuration. The packet is accepted.
Firewall Action: accept
Recommended Action: If this type of traffic should be dropped, modify the "Settings" section in the configuration.
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.9. broadcast_nat (ID: 06000014)

Default Severity: NOTICE
Log Message: \nat" action does not forward broadcast traffic.
Explanation: Broadcast traffic can be only forwarded by "allow" or "fwdfast" actions.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.10. allow_broadcast (ID: 06000016)

Default Severity: NOTICE
Log Message: Broadcast packet statelessly forwarded
Explanation: The broadcast packet matches a rule with a "allow" action and is statelessly forwarded.
Firewall Action: stateless_fwd
Recommended Action: None
Revision: 1
Context Parameters: Rule Information
Packet Buffer

2.58.11. block0net (ID: 06000020)

Default Severity: WARNING
Log Message: Destination address is the 0::/8 net. Dropping
Explanation: The destination address was the 0::/8 net, which is not allowed according to the configuration. The packet is dropped.
Firewall Action: drop
Recommended Action: Investigate why this traffic had the 0::/8 net as the destination.
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.12. block0net (ID: 06000021)

Default Severity: WARNING
Log Message: Destination address is the 0::/8 net. Accepting
Explanation: The destination address was the 0::/8 net, which is allowed according to the configuration. The packet is accepted.
Firewall Action: accept
Recommended Action: If this type of traffic should be dropped, modify the "Settings" section in the configuration.
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.13. directed_broadcasts (ID: 06000030)

Default Severity: NOTICE
Log Message: Packet directed to the broadcast address of the destination network. Forwarding
Explanation: The packet was directed to the broadcast address of the destination network and the unit is configured to allow this.
Firewall Action: forward
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.14. directed_broadcasts (ID: 06000031)

Default Severity: NOTICE
Log Message: Packet directed to the broadcast address of the destination network. Dropping
Explanation: The packet was directed to the broadcast address of the destination network and the unit is configured to disallow this.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.15. unknown_vlantag (ID: 06000040)

Default Severity: WARNING
Log Message: Received VLAN packet with unknown type<type> and VLAN ID <vlanid>. Dropping
Explanation: The unit received a VLAN packet with an unknown tag and the packet is dropped.
Firewall Action: drop
Recommended Action: None
Revision: 3
Parameters: type
vlanid
Context Parameters: Rule Name
Packet Buffer

2.58.16. ruleset_reject_packet (ID: 06000050)

Default Severity: WARNING
Log Message: Packet rejected by rule-set. Rejecting
Explanation: The rule-set is configured to rejected this packet.
Firewall Action: reject
Recommended Action: If this is not the indended behaviour, modify the rule-set.
Revision: 1
Context Parameters: Rule Information
Packet Buffer

2.58.17. ruleset_drop_packet (ID: 06000051)

Default Severity: WARNING
Log Message: Packet dropped by rule-set. Dropping
Explanation: The rule-set is configured to drop this packet.
Firewall Action: drop
Recommended Action: If this is not the indended behaviour, modify the rule-set.
Revision: 1
Context Parameters: Rule Information
Packet Buffer

2.58.18. unhandled_local (ID: 06000060)

Default Severity: NOTICE
Log Message: Allowed but unhandled packet to the firewall. Dropping
Explanation: A packet directed to the unit itself was received. The packet is allowed, but there is no matching state information for this packet. It is not part of any open connections and will be dropped.
Firewall Action: drop
Recommended Action: None
Revision: 1
Context Parameters: Rule Name
Packet Buffer

2.58.19. ip4_address_added (ID: 06000070)

Default Severity: INFORMATIONAL
Log Message: IP address <ip> added to FQDN address <fqdn_name> used in IPPolicy <dir> filter.
Explanation: The IPPolicy address filter was updated by the DNS Cache.
Firewall Action: policy_updated
Recommended Action: None
Revision: 1
Parameters: fqdn_name
dir
ip
Context Parameters: Rule Name

2.58.20. ip6_address_added (ID: 06000071)

Default Severity: INFORMATIONAL
Log Message: IP address <ip> added to FQDN address <fqdn_name> used in IPPolicy <dir> filter.
Explanation: The IPPolicy address filter was updated by the DNS Cache.
Firewall Action: policy_updated
Recommended Action: None
Revision: 1
Parameters: fqdn_name
dir
ip
Context Parameters: Rule Name

2.58.21. ip4_address_removed (ID: 06000072)

Default Severity: INFORMATIONAL
Log Message: IP address <ip> removed from FQDN address <fqdn_name> used in IPPolicy <dir> filter.
Explanation: The IPPolicy address filter was updated by the DNS Cache.
Firewall Action: policy_updated
Recommended Action: None
Revision: 1
Parameters: fqdn_name
dir
ip
Context Parameters: Rule Name

2.58.22. ip6_address_removed (ID: 06000073)

Default Severity: INFORMATIONAL
Log Message: IP address <ip> removed from FQDN address <fqdn_name> used in IPPolicy <dir> filter.
Explanation: The IPPolicy address filter was updated by the DNS Cache.
Firewall Action: policy_updated
Recommended Action: None
Revision: 1
Parameters: fqdn_name
dir
ip
Context Parameters: Rule Name

2.58.23. dns_no_record (ID: 06000074)

Default Severity: ERROR
Log Message: DNS reports no record of FQDN address <fqdn_name> used in IPPolicy <dir> filter.
Explanation: The DNS server reports that there is no record of the configured FQDN address.
Firewall Action: None
Recommended Action: Verify that the FQDN address was entered correctly.
Revision: 1
Parameters: fqdn_name
dir
Context Parameters: Rule Name

2.58.24. dns_timeout (ID: 06000075)

Default Severity: ERROR
Log Message: DNS query of FQDN address <fqdn_name> in IPPolicy <dir> filter timed out.
Explanation: The DNS Cache did not receive a response from the DNS server.
Firewall Action: None
Recommended Action: Verify that the configured DNS server is reachable.
Revision: 1
Parameters: fqdn_name
dir
Context Parameters: Rule Name

2.58.25. dns_error (ID: 06000076)

Default Severity: ERROR
Log Message: DNS query of FQDN address <fqdn_name> in IPPolicy <dir> filter failed.
Explanation: The system was unable to resolve the FQDN address due to an internal error.
Firewall Action: None
Recommended Action: If the problem persists, please contact the support and report this issue.
Revision: 1
Parameters: fqdn_name
dir
Context Parameters: Rule Name

Home Prev