I

ICMPByte(i/o)

Number of ICMP bytes (incoming/outgoing) that have passed through the Firewall.

Example: ICMPByte(i/o) =527894/528486

Affected logs: l_filterstat.

icmpcode

Code number of the ICMP message, based on ICMP type.

Digital format.

See the list of ICMP parameters at: http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml.
Example: icmpcode=1 (meaning "Host unreachable").
Available from: SNS v1.0.0.

Affected logs: l_alarm and l_filter.

ICMP code
icmptype

ICMP message type number.
Digital format.

See the list of ICMP parameters at: http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml.

Example: icmptype=3 (meaning "Destination unreachable").
Available from: SNS v1.0.0.

Affected logs: l_alarm and l_filter.

ICMP type

ICMPMem

Percentage of memory allocated to ICMP.

Value from “0” to “100”.

Example: ICMPMem=2

Affected logs: l_filterstat.

ICMPPacket

Number of ICMP packets that have passed through the Firewall.

Example: ICMPPacket=0.

Affected logs: l_filterstat.

id

Type of product.
This field constantly has the value"firewall" for logs on the firewall.

Affected logs: l_alarm, l_auth, l_connection, l_count, l_date, l_filter, l_filterstat, l_ftp, l_monitor, l_plugin, l_pop3, l_pvm, l_sandboxing, l_server, l_smtp, l_ssl, l_system, l_vpn, l_web, l_xvpn and l_routerstat, l_dmrouting.

ikev

Version of the IKE protocol used

Values: “1” or “2”.

Example: ikev=1.

Affected logs: l_vpn.

IKE version
ipproto

Name of the protocol above IP (transport layer).
String of characters in UTF-8 format.
Example: ipproto=tcp.
Available from: v1.0.0 SNS

Affected logs: l_alarm, l_connection, l_filter, l_plugin and l_pvm.

Internet Protocol
ipsecXX

Indicators of bandwidth used by IPSec interfaces:

  • name of the interface. String of characters in UTF-8 format.
  • incoming throughput (bits/second),
  • maximum incoming throughput for a given period (bits/second),
  • outgoing throughput (bits/second),
  • maximum outgoing throughput for a given period (bits/second),
  • number of packets accepted,
  • number of packets blocked,

ipsec represents traffic associated with the native IPSec interface (non virtual).

ipsec1, ipsec2, etc. represent traffic associated with the virtual IPSec interfaces defined on the firewall.

 

Format: 7 values separated by commas.

Example: ipsec=ipsec,61515,128648,788241,1890520,2130,21.

Affected logs: l_vpn.

IPStateByte (i/o)

Number of bytes exchanged for pseudo-connections. This value includes incoming and outgoing bytes.

Example: IPStateByte(i/o)=0/40.

Affected logs: l_filterstat.

IPStateConn

Number of active pseudo-connections relating to protocols other than TCP, UDP or ICMP (e.g.: GRE).

Example: IPStateConn=0.

Affected logs: l_filterstat.

IPStateConnNatDst

Number of active pseudo-connections with address translation on the destination.

Example: IPStateConnNatDst=0.

Affected logs: l_filterstat.

IPStateConnNatSrc

Number of active pseudo-connections with address translation on the source.

Example: IPStateConnNatSrc=0.

Affected logs: l_filterstat.

IPStateConnNoNatDst

Number of active pseudo-connections that explicitly include "No NAT" instructions on the destination.

Example: IPStateConnNoNatDst=0.

Affected logs: l_filterstat.

IPStateConnNoNatSrc

Number of active pseudo-connections that explicitly include "No NAT" instructions on the source.

Example: IPStateConnNoNatSrc=0.

Affected logs: l_filterstat.

IPStateMem

Percentage of memory allocated to processing pseudo-connections relating to protocols other than TCP, UDP or ICMP (e.g.: GRE) that have passed through the firewall.

Example: IPStateMem=1.

Affected logs: l_filterstat.

IPStatePacket

Number of network packets originating from protocols other than TCP, UDP or ICMP (e.g.: GRE) that have passed through the firewall.

Example: IPStatePacket=2.

Affected logs: l_filterstat.

ipv

Version of the IP protocol used in the traffic
Values: "4" or "6".

Example: ipv=4.
Available from: SNS v1.0.0.

Affected logs: l_alarm, l_connection, l_filter, l_ftp, l_plugin, l_pop3, l_pvm, l_smtp, l_ssl and l_web.

IP version