Registration Manual
Page 9
... signatures ensure a high ratio of detection accuracy and a lowest ratio of the 3 or any service combination. D-Link NetDefend Anti-Virus Subscription NetDefend UTM Firewall implements Stream Based Virus Scanning technology without caching the incoming files first, thus increase the inspection performance of UTM Firewall, and ease the nightmare of signature coverage, the...
... signatures ensure a high ratio of detection accuracy and a lowest ratio of the 3 or any service combination. D-Link NetDefend Anti-Virus Subscription NetDefend UTM Firewall implements Stream Based Virus Scanning technology without caching the incoming files first, thus increase the inspection performance of UTM Firewall, and ease the nightmare of signature coverage, the...
CLI Guide for DFL-260E
Page 45
... interfaces. Show the current IGMP state. 45 Usage igmp Prints the current IGMP state. Options -join -leave -query -state Simulate an incoming IGMP join message. Send simulated messages to lines. (Default: 20) Only list members of given PBR table(s). igmp -state [] Prints the... current IGMP state. igmp -leave [] Simulate an incoming IGMP leave message. 2.2.27. Command Reference -allindepth -filter= -num= -pbr= -restart Show in-depth information about the current state of the interface...
... interfaces. Show the current IGMP state. 45 Usage igmp Prints the current IGMP state. Options -join -leave -query -state Simulate an incoming IGMP join message. Send simulated messages to lines. (Default: 20) Only list members of given PBR table(s). igmp -state [] Prints the... current IGMP state. igmp -leave [] Simulate an incoming IGMP leave message. 2.2.27. Command Reference -allindepth -filter= -num= -pbr= -restart Show in-depth information about the current state of the interface...
CLI Guide for DFL-260E
Page 121
... and interface. (Default: 100) Multiple IGMP querying routers on a network must use the same IGMP version. (Default: IGMPv3) The lowest IGMP version to allow on incoming requests. (Default: IGMPv1) The interval between general queries sent by the security gateway. (Default: 125000) The maximum time until a host (client) has to send an...
... and interface. (Default: 100) Multiple IGMP querying routers on a network must use the same IGMP version. (Default: IGMPv3) The lowest IGMP version to allow on incoming requests. (Default: IGMPv1) The interval between general queries sent by the security gateway. (Default: 125000) The maximum time until a host (client) has to send an...
CLI Guide for DFL-260E
Page 192
... Ruleset specifies from where users are allowed to authenticate to authenticate users matching this rule. With SSL, this rule. Specifies the host certificate that the incoming IP address must be used to the system, and how. Configuration Reference 3.55. UserAuthRule Chapter 3. Properties Index Name Agent ChallengeExpire AuthSource Interface OriginatorIP TerminatorIP RadiusServers...
... Ruleset specifies from where users are allowed to authenticate to authenticate users matching this rule. With SSL, this rule. Specifies the host certificate that the incoming IP address must be used to the system, and how. Configuration Reference 3.55. UserAuthRule Chapter 3. Properties Index Name Agent ChallengeExpire AuthSource Interface OriginatorIP TerminatorIP RadiusServers...
Log Reference Guide for DFL-260E
Page 167
.... passive_data (ID: 00600101) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters INFORMATIONAL FTPALG: Incoming passive data channel A passive data channel connection has been established. active_data (ID: 00600100) Default Severity Log Message... Explanation Gateway Action Recommended Action Revision Context Parameters INFORMATIONAL FTPALG: Incoming active data channel An active data channel connection has been established. 2.8.16. active_data (ID: 00600102) Default Severity...
.... passive_data (ID: 00600101) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters INFORMATIONAL FTPALG: Incoming passive data channel A passive data channel connection has been established. active_data (ID: 00600100) Default Severity Log Message... Explanation Gateway Action Recommended Action Revision Context Parameters INFORMATIONAL FTPALG: Incoming active data channel An active data channel connection has been established. 2.8.16. active_data (ID: 00600102) Default Severity...
Log Reference Guide for DFL-260E
Page 381
...listen on . Interface: , Remote gateway: . The PPTP server cannot start until it has an IP address to find a matching userauth rule for the incoming PPTP connection. 2.32.24. None Make sure the userauth rules are configured correctly. 1 iface remotegw 2.32.25. None None. 1 iface remotegw error_code ... (ID: 02700026) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Did not find a userauth rule matching the incoming PPTP connection. None Make sure that the IP address is configured correctly on .
...listen on . Interface: , Remote gateway: . The PPTP server cannot start until it has an IP address to find a matching userauth rule for the incoming PPTP connection. 2.32.24. None Make sure the userauth rules are configured correctly. 1 iface remotegw 2.32.25. None None. 1 iface remotegw error_code ... (ID: 02700026) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Did not find a userauth rule matching the incoming PPTP connection. None Make sure that the IP address is configured correctly on .
Log Reference Guide for DFL-260E
Page 418
... , Remote gateway: . The SSL VPN connection is unknown to the SSL VPN server. The authentication source for the incoming SSL VPN connection. sslvpn_no_userauth_rule_found (ID: 06300226) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Did ...not find a userauth rule matching the incoming SSL VPN connection. 2.41.8. Interface: , Remote gateway: . None Make sure the userauth rules are configured correctly. ...
... , Remote gateway: . The SSL VPN connection is unknown to the SSL VPN server. The authentication source for the incoming SSL VPN connection. sslvpn_no_userauth_rule_found (ID: 06300226) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Did ...not find a userauth rule matching the incoming SSL VPN connection. 2.41.8. Interface: , Remote gateway: . None Make sure the userauth rules are configured correctly. ...
Log Reference Guide for DFL-260E
Page 440
... Parameters CRITICAL Out of large TCP receive windows. Triggered times last 10 seconds. 440 Triggered times last 10 seconds. The TCP stack could not accept incomming data since it has run out of maximum sessions parameter on the associated service. 1 max_windows [num_events] 2.43.19. tcp_recv_windows_drained (ID: 03300022) Default Severity Log Message...
... Parameters CRITICAL Out of large TCP receive windows. Triggered times last 10 seconds. 440 Triggered times last 10 seconds. The TCP stack could not accept incomming data since it has run out of maximum sessions parameter on the associated service. 1 max_windows [num_events] 2.43.19. tcp_recv_windows_drained (ID: 03300022) Default Severity Log Message...
Log Reference Guide for DFL-260E
Page 457
...be dropped. dropped_stp_frame (ID: 04400418) Default Severity Log Message Explanation Gateway Action INFORMATIONAL Dropping STP frame from to switched interfaces An incomming STP frame has been relayed to change the behaviour of that equipment. 1 Rule Name Packet Buffer 2.47.8. If there are equipment...Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters INFORMATIONAL Relaying STP frame from An incomming STP frame has been dropped. allow None. 1 recvif 2.47.9. The Ethernet hardware sender address is a multicast address. 2.47.7.
...be dropped. dropped_stp_frame (ID: 04400418) Default Severity Log Message Explanation Gateway Action INFORMATIONAL Dropping STP frame from to switched interfaces An incomming STP frame has been relayed to change the behaviour of that equipment. 1 Rule Name Packet Buffer 2.47.8. If there are equipment...Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters INFORMATIONAL Relaying STP frame from An incomming STP frame has been dropped. allow None. 1 recvif 2.47.9. The Ethernet hardware sender address is a multicast address. 2.47.7.
Log Reference Guide for DFL-260E
Page 458
... packet from dropped. Log Message Reference Recommended Action Revision Parameters None. 1 recvif 2.47.10. drop None. 458 Reason: An incomming Spanning-Tree frame has been dropped since it was broadcasted to over all interfaces in the switch group. An.... 1 recvif reason 2.47.11. invalid_stp_frame (ID: 04400419) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Incomming STP frame from An incomming MPLS packet has been dropped. Supported Spanning-Tree versions are STP, RSTP, MSTP and PVST+. drop If the frame format is invalid...
... packet from dropped. Log Message Reference Recommended Action Revision Parameters None. 1 recvif 2.47.10. drop None. 458 Reason: An incomming Spanning-Tree frame has been dropped since it was broadcasted to over all interfaces in the switch group. An.... 1 recvif reason 2.47.11. invalid_stp_frame (ID: 04400419) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Incomming STP frame from An incomming MPLS packet has been dropped. Supported Spanning-Tree versions are STP, RSTP, MSTP and PVST+. drop If the frame format is invalid...
Log Reference Guide for DFL-260E
Page 459
Reason: An incomming MPLS packet has been dropped since it was malformed. 2.47.13. invalid_mpls_packet (ID: 04400422) Chapter 2. drop If the packet format is invalid, locate the unit which is sending the malformed packet. 1 recvif reason 459 Log Message Reference Revision Parameters 1 recvif 2.47.13. invalid_mpls_packet (ID: 04400422) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Incomming MPLS packet on dropped.
Reason: An incomming MPLS packet has been dropped since it was malformed. 2.47.13. invalid_mpls_packet (ID: 04400422) Chapter 2. drop If the packet format is invalid, locate the unit which is sending the malformed packet. 1 recvif reason 459 Log Message Reference Revision Parameters 1 recvif 2.47.13. invalid_mpls_packet (ID: 04400422) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Incomming MPLS packet on dropped.
User Manual for DFL-260E
Page 21
... of checksums, protocol flags, packet length and so on . 1.2.3. If a match cannot be done in the system. In other words, by matching parameters from the incoming packet. The following description is simplified and might not be valid for the connection has now been determined. 7.
... of checksums, protocol flags, packet length and so on . 1.2.3. If a match cannot be done in the system. In other words, by matching parameters from the incoming packet. The following description is simplified and might not be valid for the connection has now been determined. 7.
User Manual for DFL-260E
Page 22
..., UDP, ICMP) • TCP/UDP ports • ICMP types • Point in time in the state, NetDefendOS now knows what NetDefendOS should do with the incoming packet: • If ALG information is present or if IDP scanning is to the state. 22 If the action is Allow, the packet is recorded...
..., UDP, ICMP) • TCP/UDP ports • ICMP types • Point in time in the state, NetDefendOS now knows what NetDefendOS should do with the incoming packet: • If ALG information is present or if IDP scanning is to the state. 22 If the action is Allow, the packet is recorded...
User Manual for DFL-260E
Page 60
... in the NetDefend Firewall instead of recent log messages through the standard user interfaces. When the allocated memory is the de-facto standard for newer incoming messages. Logging to any of the following Log Receiver objects. • MemoryLogReceiver NetDefendOS has a single built in logging mechanism also known as Memlog) is creating...
... in the NetDefend Firewall instead of recent log messages through the standard user interfaces. When the allocated memory is the de-facto standard for newer incoming messages. Logging to any of the following Log Receiver objects. • MemoryLogReceiver NetDefendOS has a single built in logging mechanism also known as Memlog) is creating...
User Manual for DFL-260E
Page 106
... pass through one of interfaces is referred to in NetDefendOS. As explained in NetDefendOS as the destination interface (also sometimes known as the receiving or incoming interface). • The Destination Interface When traffic leaves after being checked against NetDefendOS's security policies, the interface used when NetDefendOS itself is the source or...
... pass through one of interfaces is referred to in NetDefendOS. As explained in NetDefendOS as the destination interface (also sometimes known as the receiving or incoming interface). • The Destination Interface When traffic leaves after being checked against NetDefendOS's security policies, the interface used when NetDefendOS itself is the source or...
User Manual for DFL-260E
Page 119
... to configure how the firewall should accept traffic from the ISP, it stores it in PPPoE sessions. Dial-on-demand If dial-on outgoing traffic, incoming traffic or both. Unnumbered PPPoE When NetDefendOS acts as the "preferred IP". The additional option also exists to force unnumbered PPPoE to be up when...
... to configure how the firewall should accept traffic from the ISP, it stores it in PPPoE sessions. Dial-on-demand If dial-on outgoing traffic, incoming traffic or both. Unnumbered PPPoE When NetDefendOS acts as the "preferred IP". The additional option also exists to force unnumbered PPPoE to be up when...
User Manual for DFL-260E
Page 139
... NetDefend Firewall without setting up a state for a detailed description). See Section 7.4, "SAT" for more information about this connection will automatically be handled. Non-matching Traffic Incoming packets that decides how the connection will therefore continue on overall throughput. As described above , to be turned on a pairing with those parameters. NAT This...
... NetDefend Firewall without setting up a state for a detailed description). See Section 7.4, "SAT" for more information about this connection will automatically be handled. Non-matching Traffic Incoming packets that decides how the connection will therefore continue on overall throughput. As described above , to be turned on a pairing with those parameters. NAT This...
User Manual for DFL-260E
Page 244
... advanced setting Relay Spanning-tree BPDUs. If it is not, the frame is supported. Logging of BDPU messages to all incoming STP, RSTP and MSTP BPDU messages are relayed to make sure the content type is dropped. Enabling/Disabling BPDU Relaying BPDU... relaying is disabled by combining destination address information and information found in the same routing table, except the incoming interface. 4.7.5. Advanced Settings for Transparent Mode CAM To L3 Cache Dest Learning Enable this setting. Advanced Settings for Transparent Mode Chapter ...
... advanced setting Relay Spanning-tree BPDUs. If it is not, the frame is supported. Logging of BDPU messages to all incoming STP, RSTP and MSTP BPDU messages are relayed to make sure the content type is dropped. Enabling/Disabling BPDU Relaying BPDU... relaying is disabled by combining destination address information and information found in the same routing table, except the incoming interface. 4.7.5. Advanced Settings for Transparent Mode CAM To L3 Cache Dest Learning Enable this setting. Advanced Settings for Transparent Mode Chapter ...
User Manual for DFL-260E
Page 246
...Broadcast Enet Sender Defines what to do when receiving a packet that has the sender hardware (MAC) address in Ethernet header set to Ignore all incoming STP, RSTP and MSTP BPDUs are relayed to the MAC of the forwarding interface and log • Drop - Accept packet • AcceptLog...Defines what to do when receiving a packet that has the sender hardware (MAC) address in the same routing table, except the incoming interface. Rewrite to all transparent interfaces in Ethernet header set to a multicast Ethernet address. Options: • Accept - Advanced Settings for Transparent ...
...Broadcast Enet Sender Defines what to do when receiving a packet that has the sender hardware (MAC) address in Ethernet header set to Ignore all incoming STP, RSTP and MSTP BPDUs are relayed to the MAC of the forwarding interface and log • Drop - Accept packet • AcceptLog...Defines what to do when receiving a packet that has the sender hardware (MAC) address in the same routing table, except the incoming interface. Rewrite to all transparent interfaces in Ethernet header set to a multicast Ethernet address. Options: • Accept - Advanced Settings for Transparent ...
User Manual for DFL-260E
Page 247
Routing • Log - Drop packets log the event Default: Drop 247 4.7.5. Advanced Settings for Transparent Mode Chapter 4. Options: • Ignore - Drop packets log the event Default: Drop Relay MPLS When set to Ignore all incoming MPLS packets are relayed in transparent mode. Let the packets pass and log the event • Drop - Drop the packets • DropLog - Let the packets pass but do not log • Log - Drop the packets • DropLog - Let the packets pass and log the event • Drop -
Routing • Log - Drop packets log the event Default: Drop 247 4.7.5. Advanced Settings for Transparent Mode Chapter 4. Options: • Ignore - Drop packets log the event Default: Drop Relay MPLS When set to Ignore all incoming MPLS packets are relayed in transparent mode. Let the packets pass and log the event • Drop - Drop the packets • DropLog - Let the packets pass but do not log • Log - Drop the packets • DropLog - Let the packets pass and log the event • Drop -