WSM Reference Guide - WatchGuard Technologies

More documents

Recommendations

Info

Traffic Logs SMTP Proxy Traffic Log Messages Text in Message Field Associated Fields SMTP AV ERROR filename error sender recipient SMTP REQ rcvd_bytes sent_bytes sender recipient SMTP MESSAGE FORMAT header mime_error sender recipients SMTP IPS MATCH ips_msg signature_id SMTP TOO MANY RECIPIENTS num_recipients SMTP RESPONSE SIZE TOO LONG headers_size SMTP LINE LENGTH TOO LONG line_length SMTP MESSAGE SIZE TOO LONG size SMTP HEADERS SIZE TOO LONG headers_size Message Meaning Value that appears in associated field(s) The SMTP cannot finish an antivirus scan, usually because an attachment was encrypted file name description of error sender e-mail address (from envelope) recipient e-mail addresses (from envelope) Auditing information about an SMTP request size of message before proxying size of message after proxying sender e-mail address (from envelope) recipient e-mail addresses (from envelope) The SMTP header uses a format that is not correct header with improper format description of format error sender e-mail address (from envelope) recipient e-mail addresses (from envelope) The SMTP proxy found an IPS signature match description of the signature that matched the signature ID of the rule that matched The number of e-mail addresses in the TO field is larger than the configured limit number of recipients The SMTP server sent a response that is too long total size of message headers (up to when log emitted; full headers can be larger) The SMTP client or server has sent a line that is longer than the configured limit total size of header line (up to when log emitted; full line can be larger) The SMTP client sent a message larger than the configured limit size in bytes of message received (up to when log emitted; full message can be larger) The SMTP client sent a header section that is larger than the SMTP limit total size of message headers (up to when log emitted; full headers can be larger) DNS Proxy Traffic Log Messages Text in Message Field Associated Fields DNS INVALID NUMBER OF QUESTIONS DNS OVERSIZED QUERY NAME DNS COMPRESSED QUERY NAME DNS PARSE ERROR DNS NOT INTERNET CLASS query_class DNS DENIED OPCODE rulename query_opcode DNS DENIED QUERY TYPE rulename query_type DNS UNDERSIZED QUESTION Message Meaning Value that appears in associated field(s) There is more than one RRs inquiry in one DNS request The total DNS query frame size is larger than the DNS protocol limit The client used a DNS compression scheme in the query name The DNS request or respone is not in the correct format. The DNS query is not in IP protocol format name or number of its class The opcode matches a configured proxy rule name of rule matched in ruleset name of the denied opcode (IQUERY, STATUS, UPDATE) The query type matches a configured proxy rule name of rule matched in ruleset name of denied type (a, MX, NS) The name component of the DNS query is too small 32 WatchGuard System Manager
Traffic Logs DNS Proxy Traffic Log Messages Text in Message Field Associated Fields DNS OVERSIZED QUESTION DNS TIMEOUT DNS UNDERSIZED ANSWER DNS INVALID RESPONSE DNS QUESTION NOT ALLOWED rulename query_type question DNS REQ rulename query_type question DNS IPS MATCH ips_msg signature_id Message Meaning Value that appears in associated field(s) The name component of the DNS query is too large There is no response to a DNS query before the connection time-out occurred The DNS response is too small The DNS response does not match the request The query type matches a configured proxy rule name of rule matched in ruleset name of denied type (a, MX, NS) name in query Auditing information for the DNS proxy name of rule matched in ruleset name of denied type (a, MX, NS) name in query The DNS proxy found an IPS signature match description of the signature that matched the signature ID of the rule that matched FTP Proxy Traffic Log Messages Text in Message Field Associated Fields FTP USERNAME TOO LONG length FTP PASSWORD TOO LONG length FTP FILENAME TOO LONG length FTP COMMAND TOO LONG length FTP BAD COMMAND rule_name command FTP BAD DOWNLOAD rule_name file_name FTP BAD UPLOAD rule_name file_name FTP TIMEOUT FTP REQ command FTP REQUEST FORMAT command FTP IPS MATCH ips_msg signature_id Message Meaning Value that appears in associated field(s) Username is longer than the configured limit length of line Password line is longer than the configured limit length of line Filename line is longer than the configured limit length of line Command line is longer than the configured limit length of line The command matched a configured proxy rule name of rule matched in ruleset the command requested The file name or name pattern matches a configured proxy rule name of rule matched in ruleset name of file being blocked The file name or name pattern matches a configured proxy rule name of rule matched in ruleset name of file being blocked There was no response to an FTP request before the IP-level idle connection time-out Auditing information for the FTP proxy the command requested The command in the FTP request is not in the correct format the command requested The FTP proxy found an IPS signature match description of the signature that matched the signature ID of the rule that matched Reference Guide 33
Page 1 and 2: WatchGuard ® System Manager Refere
Page 3 and 4: Contents CHAPTER 1 Internet Protoco
Page 5 and 6: CHAPTER 1 Internet Protocol Referen
Page 7 and 8: Internet Protocol Header Keyword Nu
Page 9 and 10: Transfer Protocols Source Routing T
Page 11 and 12: CHAPTER 2 MIME Content Types Softwa
Page 13 and 14: Type Subtype Reference (where avail
Page 23 and 24: CHAPTER 3 Services and Ports Well-k
Page 25 and 26: Well-Known Services List Port(s) Pr
Page 27 and 28: Well-Known Services List Service Na
Page 29 and 30: Well-Known Services List Service Na
Page 31 and 32: CHAPTER 4 Log Messages Understandin
Page 33 and 34: Traffic Logs FWAllow Each packet fi
Page 35: Traffic Logs dst_ip="66.35.250.151"
Page 39 and 40: Traffic Logs HTTP Proxy Traffic Log
Page 41 and 42: Alarm Logs Policy Alarms Default Na
Page 43 and 44: Alarm Logs Denial of Servce (DoS) A
Page 45 and 46: Event Logs Gateway AntiVirus Servic
Page 47 and 48: Event Logs Description of Log Modul
Page 49 and 50: Event Logs Event Log Message Catalo
Page 59 and 60: Firebox Log File XML DTD and Schema
Page 61 and 62: Firebox® X Edge Log Messages Modul
Page 73 and 74: CHAPTER 5 Using the Firebox LCD Use
Page 75 and 76: Firebox Boot Countdown Firebox Boot
Page 77 and 78: Using the LCD Interface in Firebox
Page 79 and 80: CHAPTER 6 WebBlocker Content WatchG
Page 81 and 82: WebBlocker Categories Category Drug
Page 83 and 84: WebBlocker Categories Category Job
Page 85 and 86: CHAPTER 7 Resources There are many
Page 87 and 88:
Mailing Lists Mailing Lists wg-user
Page 89 and 90:
White Hat Web Sites beginners. Cons
Page 91 and 92:
Other Web Sites maintains a list of
Page 93 and 94:
RSS Feeds www.sophos.com/virusinfo/
Page 95 and 96:
Index B blocked sites, searching fo
show all

WSM Reference Guide - WatchGuard Technologies

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?