Jobs (DE)Terms of UsePrivacy PolicyLegal Notice

Firewall log messages explained

DEFENDO will always log every packet which is dropped by its firewall. There are only a few exceptions from this rule:
  • A huge amount of packets is dropped for the same reason. Only few packets will be logged each second to avoid overloading the system
  • The intrusion prevention system blocks the packet
  • The dynamic firewall blocks the packet
  • When routing is disabled, forwarded packets are silently discarded
To display the firewall log you will have to select menu item "Monitoring > Log files" or open the "Live-Log" on the DEFENDO GUI. Pick log "firewall" from the "Log file" list.
Each line in the firewall log provides the following information:
Date Time Name kernel: Stage Action [Reason] Interfaces Packet's-Signatur
The most important column is the "Reason". The most frequent values are
restricted
The current firewall policies deny this connection. Add a firewall rule to allow it.
SRC=spoofed
The source IP of the packet doesn't correspond to the interface on which it was received. Either the sender really used a wrong IP or DEFENDO's configuration lacks a route to this subnet. The name of the interface is shown as "IN"
STATE=new !SYN
A TCP packet arrived which does not belong to a known connection. This is usually no problem. If however both, an input and an output interface are specified ("IN" and "OUT") and both have the same value, asymmetric routing might be the cause. For LAN interfaces, asymmetric routing can be enabled in menu "Modules > Firewall > Settings".
Please consider DEFENDO's manual or online help system for further details.

Secure

DEFENDO forces a collection of best-of-breed security modules like firewall, VPN, proxies, virus scanner and anti spam system to interact for one purpose:
To be protected from all online threats and unwanted contents like malicious code, spam and hacker attacks.

Flexible

Each IT scenario is different. The DEFENDO product family will adapt precisely to your demands.
DEFENDO applies for simple Internet connections of small companies, for headquarters / branch office WANs, as well as for complex multi-tiered firewall systems.

More good reasons

  • No backdoors
  • More than 20 years of Internet security experience
  • Award-winning product
  • Support by our development engineers
  • Reseller loyalty
  • Made in Germany