I

Number of ICMP bytes (incoming/outgoing) that have passed through the Firewall.

Example: ICMPByte(i/o) =527894/528486

Affected logs: l_filterstat.

Code number of the ICMP message, based on ICMP type.

Digital format.

See the list of ICMP parameters at: http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml.
Example: icmpcode=1 (meaning "Host unreachable").
Available from: SNS v1.0.0.

Affected logs: l_alarm and l_filter.

ICMP message type number.
Digital format.

See the list of ICMP parameters at: http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml.

Example: icmptype=3 (meaning "Destination unreachable").
Available from: SNS v1.0.0.

Affected logs: l_alarm and l_filter.

Percentage of memory allocated to ICMP.

Value from “0” to “100”.

Example: ICMPMem=2

Affected logs: l_filterstat.

Number of ICMP packets that have passed through the Firewall.

Example: ICMPPacket=0.

Affected logs: l_filterstat.

Type of product.
This field constantly has the value"firewall" for logs on the firewall.

Affected logs: l_alarm, l_auth, l_connection, l_count, l_date, l_filter, l_filterstat, l_ftp, l_monitor, l_plugin, l_pop3, l_pvm, l_sandboxing, l_server, l_smtp, l_ssl, l_system, l_vpn, l_web, l_xvpn and l_routerstat, l_dmrouting.

Version of the IKE protocol used

Values: “1” or “2”.

Example: ikev=1.

Affected logs: l_vpn.

Name of the protocol above IP (transport layer).
String of characters in UTF-8 format.
Example: ipproto=tcp.
Available from: v1.0.0 SNS

Affected logs: l_alarm, l_connection, l_filter, l_plugin and l_pvm.

Indicators of bandwidth used by IPSec interfaces:

• name of the interface. String of characters in UTF-8 format.
• incoming throughput (bits/second),
• maximum incoming throughput for a given period (bits/second),
• outgoing throughput (bits/second),
• maximum outgoing throughput for a given period (bits/second),
• number of packets accepted,
• number of packets blocked,

ipsec represents traffic associated with the native IPSec interface (non virtual).

ipsec1, ipsec2, etc. represent traffic associated with the virtual IPSec interfaces defined on the firewall.

Format: 7 values separated by commas.

Example: ipsec=ipsec,61515,128648,788241,1890520,2130,21.

Affected logs: l_vpn.

Number of bytes exchanged for pseudo-connections. This value includes incoming and outgoing bytes.

Example: IPStateByte(i/o)=0/40.

Affected logs: l_filterstat.

Number of active pseudo-connections relating to protocols other than TCP, UDP or ICMP (e.g.: GRE).

Example: IPStateConn=0.

Affected logs: l_filterstat.

Number of active pseudo-connections with address translation on the destination.

Example: IPStateConnNatDst=0.

Affected logs: l_filterstat.

Number of active pseudo-connections with address translation on the source.

Example: IPStateConnNatSrc=0.

Affected logs: l_filterstat.

Number of active pseudo-connections that explicitly include "No NAT" instructions on the destination.

Example: IPStateConnNoNatDst=0.

Affected logs: l_filterstat.

Number of active pseudo-connections that explicitly include "No NAT" instructions on the source.

Example: IPStateConnNoNatSrc=0.

Affected logs: l_filterstat.

Percentage of memory allocated to processing pseudo-connections relating to protocols other than TCP, UDP or ICMP (e.g.: GRE) that have passed through the firewall.

Example: IPStateMem=1.

Affected logs: l_filterstat.

Number of network packets originating from protocols other than TCP, UDP or ICMP (e.g.: GRE) that have passed through the firewall.

Example: IPStatePacket=2.

Affected logs: l_filterstat.

Version of the IP protocol used in the traffic
Values: "4" or "6".

Example: ipv=4.
Available from: SNS v1.0.0.

Affected logs: l_alarm, l_connection, l_filter, l_ftp, l_plugin, l_pop3, l_pvm, l_smtp, l_ssl and l_web.