Note : This is the classic/original FAQ. For the very latest articles and new content for UK/Ireland users, please visit the Product Knowledgebase here

DrayTek Logo

General Router FAQ

Firewall Logs

How do I decode firewall log entries ?

Advanced users may wish to refer to router firewall/packet filtering logs. Each line of the log will contain the following fields :

  1. System Time
  2. Location (LAN/WAN)
  3. Rule No (Set:Rule). Root or Group : Rule No. (Only Active rules numbered)
  4. Action Taken (No match:n Block:b Pass:p )
  5. Source IP/Port
  6. Destination IP/Port(or service name)
  7. Protocol (tcp/udp/icmp etc.)
  8. Header Length (bytes)
  9. Payload Size (Kb)
  10. Packet Type (SYN,ACK,FIN,RST,PUSH,URG etc.)
  11. ACK Number
  12. Sequence Number
  13. Window size (bytes)
  14. Direction (In or Out)

NOTICE : This document is © SEG Communications and may not be distributed without specific written consent. Information and products subject to change at any time without notice.