These log messages refer to the FTPALG category.
2.15.1. [ID: 1146] CLNT command not allowed
- Log Categories
- FTPALG
- Log Message
- CLNT command not allowed.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The client tried to issue a "CLNT" command, which is not valid since the client is not allowed to do this. The command will
be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- If the client should be allowed to issue "CLNT" commands, modify the FTP profile configuration.
2.15.2. [ID: 1163] Command rate limit exceeded on session
- Log Categories
- FTPALG
- Log Message
- Command rate limit exceeded on session.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, max, flow
- Explanation
- The configured command rate limit was exceeded on a session.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- If this occurs during normal usage, consider increasing the limit configured on the FTP profile.
2.15.3. [ID: 1144] Data channel traffic direction restricted
- Log Categories
- FTPALG
- Log Message
- Data channel traffic direction restricted.
- Default Log Severity
- Information
- Parameters
- profile, sessionid, command, alloweddir
- Explanation
- Traffic on the data channel should only flow in one direction depending on which FTP command was issued. As the rule allowing
the data channel is created before the direction is known, it is modified to restrict the direction once the allowed direction
is learned.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- None
2.15.4. [ID: 1116] Disallowed client IP
- Log Categories
- FTPALG
- Log Message
- Disallowed client IP.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, ip, flow
- Explanation
- The client want the server to connect the data channel to an IP which is not the clients own IP.
- Gateway Action
- Deny
- Action Description
- None
- Proposed Action
- None
2.15.5. [ID: 1096] Client port outside configured range
- Log Categories
- FTPALG
- Log Message
- Client port outside configured range.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, port, portrange, flow
- Explanation
- The client tried to use a port for the data channel which is disallowed by the ClientPorts setting in the FTPAlgProfile used.
- Gateway Action
- Deny
- Action Description
- None
- Proposed Action
- None
2.15.6. [ID: 1149] Disallowed MODE argument
- Log Categories
- FTPALG
- Log Message
- Disallowed MODE argument.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The client has tried to issue a MODE command to use block mode or compressed mode, which is disallowed. Command is rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.7. [ID: 1103] Disallowed OPTS argument
- Log Categories
- FTPALG
- Log Message
- Disallowed OPTS argument.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- A disallowed OPTS argument was received, and the command will be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.8. [ID: 1154] Mismatched data channel IP protocol
- Log Categories
- FTPALG
- Log Message
- Mismatched data channel IP protocol.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, ipver, flow
- Explanation
- The client has tried to negotiate a different IP protocol for the data channel than the protocol it is using to connect to
the ftp server on the control channel.
- Gateway Action
- Deny
- Action Description
- None
- Proposed Action
- None
2.15.9. [ID: 1125] Disallowed server IP
- Log Categories
- FTPALG
- Log Message
- Disallowed server IP.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, ip, flow
- Explanation
- The server wants the client to connect the data channel to an IP which is not the servers own IP.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.10. [ID: 1104] Server port outside configured range
- Log Categories
- FTPALG
- Log Message
- Server port outside configured range.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, port, portrange, flow
- Explanation
- The server tried to use a port for the data channel which is disallowed by the ServerPorts setting in the FTPAlgProfile used.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.11. [ID: 1145] Command is illegal since EPSV ALL is in effect
- Log Categories
- FTPALG
- Log Message
- Command is illegal since EPSV ALL is in effect.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The client has already issued an "EPSV ALL" command and may no longer use any of the commands PORT, PASV or EPRT.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.12. [ID: 1095] Failed setting up data channel rule from[...]
- Log Categories
- FTPALG
- Log Message
- Failed setting up data channel rule from server to client.
- Default Log Severity
- Error
- Parameters
- sessionid, profile, srcip, destip, srcport, destport, flow
- Explanation
- An error occurred when creating a data connection from the server to client. This could possibly be a result of lack of memory.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.13. [ID: 1108] Failed setting up data channel rule from[...]
- Log Categories
- FTPALG
- Log Message
- Failed setting up data channel rule from client to server.
- Default Log Severity
- Error
- Parameters
- sessionid, profile, srcip, destip, srcport, destport, flow
- Explanation
- An error occurred when creating a data connection from the client to server. This could possibly be a result of lack of memory.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.14. [ID: 1135] Failed parsing EPRT command
- Log Categories
- FTPALG
- Log Message
- Failed parsing EPRT command.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- Invalid parameters to the "EPRT" command were received. The connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.15. [ID: 1157] Failed parsing EPSV command
- Log Categories
- FTPALG
- Log Message
- Failed parsing EPSV command.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- Invalid parameters to the "EPSV" command were received. The command was rejected with an error message to the client.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.16. [ID: 1132] Failed parsing EPSV response
- Log Categories
- FTPALG
- Log Message
- Failed parsing EPSV response.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The response to the "EPSV" command was not formatted according to the standard. The connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.17. [ID: 1143] Failed parsing PASV response
- Log Categories
- FTPALG
- Log Message
- Failed parsing PASV response.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The response to the "PASV" command was not formatted according to the standard. The connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.18. [ID: 1124] Failed parsing PORT command
- Log Categories
- FTPALG
- Log Message
- Failed parsing PORT command.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- Invalid parameters to the "PORT" command were received. The connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.19. [ID: 1086] Failed to create new session
- Log Categories
- FTPALG
- Log Message
- Failed to create new session.
- Default Log Severity
- Error
- Parameters
-
- Explanation
- An attempt to create a new FTPALG session failed, because the unit is out of memory.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- Decrease the maximum allowed FTPALG sessions, or try to free some of the RAM used.
2.15.20. [ID: 1100] Control channel failed
- Log Categories
- FTPALG
- Log Message
- Control channel failed.
- Default Log Severity
- Notice
- Parameters
- reason, originator, sessionid, flow, rule
- Explanation
- An error occurred that caused the FTP control channel to be aborted.
- Gateway Action
- Abort
- Action Description
- None
- Proposed Action
- None
2.15.21. [ID: 1113] Illegal command received
- Log Categories
- FTPALG
- Log Message
- Illegal command received.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An illegal command was received, and the command will be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.22. [ID: 1110] Illegal multiline response from server
- Log Categories
- FTPALG
- Log Message
- Illegal multiline response from server.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An illegal multiline response was received from server, and the connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.23. [ID: 1089] Illegal numeric reply from server
- Log Categories
- FTPALG
- Log Message
- Illegal numeric reply from server.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An illegal numerical reply was received from server, and the connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.24. [ID: 1112] Invalid command from client
- Log Categories
- FTPALG
- Log Message
- Invalid command from client.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An invalid command was received on the control channel. This is not allowed, and the connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- If unknown commands should be allowed, modify the FTP profile configuration.
2.15.25. [ID: 1156] Invalid MODE argument
- Log Categories
- FTPALG
- Log Message
- Invalid MODE argument.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The client has issued a MODE command with an invalid argument. Command is rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.26. [ID: 1092] Invalid OPTS argument
- Log Categories
- FTPALG
- Log Message
- Invalid OPTS argument.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An invalid OPTS argument was received. The argument does not start with an alphabetic letter, and the command will be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.27. [ID: 1102] Maximum line length exceeded
- Log Categories
- FTPALG
- Log Message
- Maximum line length exceeded.
- Default Log Severity
- Error
- Parameters
- maxlen, len, originator, sessionid, profile, flow, rule
- Explanation
- The maximum length of a text line sent over the control channel was exceeded, and the session will be closed. Note that the
len parameter may or may not contain the full length of the violating line, it may contain the length of a partial line that
exceeds the limit.
- Gateway Action
- Abort
- Action Description
- None
- Proposed Action
- Sending long lines might be an attempt to attack software that fails to handle lines above a certain length. If this incident
is unlikely to be an attack then consider increasing the limit. The maximum line length is a configuration property of the
FTP profile object.
2.15.28. [ID: 1161] No data channel setup yet
- Log Categories
- FTPALG
- Log Message
- No data channel setup yet.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- A command which requires a data channel was issued without first having setup a data channel. The command is rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.29. [ID: 1140] Data channel dynamic PREPBR rule added
- Log Categories
- FTPALG
- Log Message
- Data channel dynamic PREPBR rule added.
- Default Log Severity
- Information
- Parameters
- profile, sessionid, command, srcip, destip, srcport, destport, srciface
- Explanation
- To ensure that the data channel always uses the same routing tables as the control channel, a PREPBR rule has been added to
the system.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- None
2.15.30. [ID: 1148] Data channel dynamic PREPBR rule removed
- Log Categories
- FTPALG
- Log Message
- Data channel dynamic PREPBR rule removed.
- Default Log Severity
- Information
- Parameters
- profile, sessionid, command, srcip, destip, srcport, destport, srciface
- Explanation
- A PREPBR rule, which was added to ensure that the data channel always uses the same routing tables as the control channel,
has now been removed.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- None
2.15.31. [ID: 1093] Invalid command from client
- Log Categories
- FTPALG
- Log Message
- Invalid command from client.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An invalid command was received on the control channel. This is allowed, but the command will be rejected as it is not understood.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- If unknown commands should not be allowed, modify the FTP profile configuration.
2.15.32. [ID: 1097] Data channel dynamic rule added
- Log Categories
- FTPALG
- Log Message
- Data channel dynamic rule added.
- Default Log Severity
- Information
- Parameters
- profile, sessionid, command, srcip, destip, srcport, destport, srciface, destiface
- Explanation
- FTPALG has added a dynamic rule to allow the data channel for FTP.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- None
2.15.33. [ID: 1099] Data channel dynamic rule removed
- Log Categories
- FTPALG
- Log Message
- Data channel dynamic rule removed.
- Default Log Severity
- Information
- Parameters
- profile, sessionid, command, srcip, destip, srcport, destport, srciface, destiface
- Explanation
- FTPALG has removed a dynamic rule it added previously to allow the data channel for FTP.
- Gateway Action
- None
- Action Description
- None
- Proposed Action
- None
2.15.34. [ID: 1119] Session closed
- Log Categories
- FTPALG
- Log Message
- Session closed.
- Default Log Severity
- Information
- Parameters
- sessionid, profile, flow
- Explanation
- A session using the FTP ALG was closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.35. [ID: 1105] Session opened
- Log Categories
- FTPALG
- Log Message
- Session opened.
- Default Log Severity
- Information
- Parameters
- sessionid, profile, flow
- Explanation
- A session using the FTP ALG was opened.
- Gateway Action
- Open
- Action Description
- None
- Proposed Action
- None
2.15.36. [ID: 1153] SITE EXEC not allowed
- Log Categories
- FTPALG
- Log Message
- SITE EXEC not allowed.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- The client tried to issue a "SITE EXEC" command, which is not valid since the client is not allowed to do this. The command
will be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- If the client should be allowed to issue "SITE EXEC" commands, modify the FTP profile configuration.
2.15.37. [ID: 1114] Unexpected telnet control chars from client
- Log Categories
- FTPALG
- Log Message
- Unexpected telnet control chars from client.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, flow
- Explanation
- Unexpected telnet control characters were discovered in the control channel. This is not allowed according to the FTPALG profile
configuration, and the connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- If unknown commands should be allowed, modify the FTP profile configuration.
2.15.38. [ID: 1106] Unexpected telnet control chars from server
- Log Categories
- FTPALG
- Log Message
- Unexpected telnet control chars from server.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, flow
- Explanation
- Unexpected telnet control characters were discovered in the control channel. This is not allowed according to the FTP profile
configuration, and the connection will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- If unknown commands should be allowed, modify the FTP profile configuration.
2.15.39. [ID: 1090] Unknown command received
- Log Categories
- FTPALG
- Log Message
- Unknown command received.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An unknown command was received, and the command will be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- If unknown commands should be allowed, modify the FTP profile configuration.
2.15.40. [ID: 1321] Unknown FEAT response from server
- Log Categories
- FTPALG
- Log Message
- Unknown FEAT response from server.
- Default Log Severity
- Information
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An unknown FEAT response was received from server and was stripped.
- Gateway Action
- Strip
- Action Description
- None
- Proposed Action
- If the FEAT response the server sent is needed, change the FTP profile to allow unknown commands.
2.15.41. [ID: 1111] Unknown OPTS argument
- Log Categories
- FTPALG
- Log Message
- Unknown OPTS argument.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An unknown OPTS argument was received, and the command will be rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- If unknown commands should be allowed, modify the FTP profile configuration.
2.15.42. [ID: 1131] Unsolicited extended passive mode response[...]
- Log Categories
- FTPALG
- Log Message
- Unsolicited extended passive mode response from server.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, flow
- Explanation
- An illegal response was received from the server, and the connection is closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.43. [ID: 1122] Unsolicited passive mode response from server
- Log Categories
- FTPALG
- Log Message
- Unsolicited passive mode response from server.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, flow
- Explanation
- An illegal response was received from the server, and the connection is closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
2.15.44. [ID: 1137] Unsupported encryption FEAT response from[...]
- Log Categories
- FTPALG
- Log Message
- Unsupported encryption FEAT response from server.
- Default Log Severity
- Information
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- A feature response from the server announcing support for encryption unsupported by the FTPALG has been stripped from the
response.
- Gateway Action
- Strip
- Action Description
- None
- Proposed Action
- None
2.15.45. [ID: 1162] Unsupported encryption command rejected
- Log Categories
- FTPALG
- Log Message
- Unsupported encryption command rejected.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, cmdline, flow
- Explanation
- An FTP command related to encryption, that is not supported by the FTPALG, has been rejected.
- Gateway Action
- Reject
- Action Description
- None
- Proposed Action
- None
2.15.46. [ID: 1155] Data in wrong direction on data channel
- Log Categories
- FTPALG
- Log Message
- Data in wrong direction on data channel.
- Default Log Severity
- Warning
- Parameters
- sessionid, profile, command, alloweddir, flow, user, userid
- Explanation
- Data has been sent on the data channel in a direction not expected according to the command issued to retrieve or store file.
The control channel and data channel will be closed.
- Gateway Action
- Close
- Action Description
- None
- Proposed Action
- None
cOS Stream 4.00.03 Log Reference Guide
