This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

STAS causing dropped packets?

We have recently migrated from cyberoam. I had CTAS configured before and then re-deployed STAS. None of my firewall rules use Identity, however for about 2 minutes out of every 30-45 minutes my users have no connection to any other VLAN or LAN on the router. After a couple minutes it clears its self. All off my user are affected and they can all ping the router, but not past it. When I run a Drop-Packet-Capture command I see "log_type=Firewall log_component=Identity log_subtype=Denied" for every entry. Is it possible that "Unauth-Traffic Drop Time: 120 sec" setting in the AUTH CTA section are somehow related? I'm running 15 MR2

Any suggestions to tracking down the issue?

This thread was automatically locked due to age.

0 sachingurung over 9 years ago

Hi Neal,

Initially, I request you an upgrade to MR3.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 NealBellamy over 9 years ago in reply to sachingurung

I upgraded to MR3 last Thursday. It seemed to be less often, but It happened again this morning. What is the next step to troubleshooting?
Cancel
Vote Up 0 Vote Down

Cancel
0 sachingurung over 9 years ago in reply to NealBellamy

Hi Neal,

Does this happen with every user or any specific user? If it occurs with a particular user please verify that there is no use of any special characters in the original name of the User on AD.

Take SSH to XG, go to option 5.>3. Advance shell and type: service access_server:debug -ds nosync

> cd /log

> tail -f access_server.log | grep username

Post the logs.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 NealBellamy over 9 years ago in reply to sachingurung

everybody is having issues, and there are no special characters in the usernames (Usernames are first name and last initial i.e. NealB)

I have started the debug logging. Do you want the output now or wait until it have an issue again?

Thanks,

Neal
Cancel
Vote Up 0 Vote Down

Cancel
0 NealBellamy over 9 years ago in reply to sachingurung

It happened to me again this morning and I was able to catch it.

Denied Packet Log:

console> drop-packet-capture "host 192.168.1.100 and proto TCP"
2016-06-28 08:41:50 0110021 IP 192.168.1.100.65153 > 192.168.1.240.3128 : proto TCP: S 948770365:948770365(0) win 8192 checksum : 28903
0x0000: 4500 0034 2448 4000 8006 51d7 c0a8 0164 E..4$H@...Q....d
0x0010: c0a8 01f0 fe81 0c38 388d 163d 0000 0000 .......88..=....
0x0020: 8002 2000 70e7 0000 0204 05b4 0103 0308 ....p...........
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65153 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2846791552 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:53 0110021 IP 192.168.1.100.65153 > 192.168.1.240.3128 : proto TCP: S 948770365:948770365(0) win 8192 checksum : 28903
0x0000: 4500 0034 2449 4000 8006 51d6 c0a8 0164 E..4$I@...Q....d
0x0010: c0a8 01f0 fe81 0c38 388d 163d 0000 0000 .......88..=....
0x0020: 8002 2000 70e7 0000 0204 05b4 0103 0308 ....p...........
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65153 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4104848320 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:53 0110021 IP 192.168.1.100.65156 > 192.168.1.240.3128 : proto TCP: S 814037404:814037404(0) win 8192 checksum : 21901
0x0000: 4500 0034 2434 4000 8006 51eb c0a8 0164 E..4$4@...Q....d
0x0010: c0a8 01f0 fe84 0c38 3085 399c 0000 0000 .......80.9.....
0x0020: 8002 2000 558d 0000 0204 05b4 0103 0308 ....U...........
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65156 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844791424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:53 0110021 IP 192.168.1.100.65157 > 192.168.1.240.3128 : proto TCP: S 176917162:176917162(0) win 8192 checksum : 10872
0x0000: 4500 0034 605f 4000 8006 15c0 c0a8 0164 E..4`_@........d
0x0010: c0a8 01f0 fe85 0c38 0a8b 8aaa 0000 0000 .......8........
0x0020: 8002 2000 2a78 0000 0204 05b4 0103 0308 ....*x..........
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65157 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844791424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:53 0110021 IP 192.168.1.100.65158 > 192.168.1.240.3128 : proto TCP: S 2123387162:2123387162(0) win 8192 checksum : 61441
0x0000: 4500 0034 0780 4000 8006 6e9f c0a8 0164 E..4..@...n....d
0x0010: c0a8 01f0 fe86 0c38 7e90 511a 0000 0000 .......8~.Q.....
0x0020: 8002 2000 f001 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65158 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844791424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:56 0110021 IP 192.168.1.100.65156 > 192.168.1.240.3128 : proto TCP: S 814037404:814037404(0) win 8192 checksum : 21901
0x0000: 4500 0034 2435 4000 8006 51ea c0a8 0164 E..4$5@...Q....d
0x0010: c0a8 01f0 fe84 0c38 3085 399c 0000 0000 .......80.9.....
0x0020: 8002 2000 558d 0000 0204 05b4 0103 0308 ....U...........
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65156 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2974131776 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:56 0110021 IP 192.168.1.100.65157 > 192.168.1.240.3128 : proto TCP: S 176917162:176917162(0) win 8192 checksum : 10872
0x0000: 4500 0034 6060 4000 8006 15bf c0a8 0164 E..4``@........d
0x0010: c0a8 01f0 fe85 0c38 0a8b 8aaa 0000 0000 .......8........
0x0020: 8002 2000 2a78 0000 0204 05b4 0103 0308 ....*x..........
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65157 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2974131776 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:56 0110021 IP 192.168.1.100.65158 > 192.168.1.240.3128 : proto TCP: S 2123387162:2123387162(0) win 8192 checksum : 61441
0x0000: 4500 0034 0781 4000 8006 6e9e c0a8 0164 E..4..@...n....d
0x0010: c0a8 01f0 fe86 0c38 7e90 511a 0000 0000 .......8~.Q.....
0x0020: 8002 2000 f001 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-06-28 Time=08:41:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65158 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2974131776 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-06-28 08:41:59 0110021 IP 192.168.1.100.65153 > 192.168.1.240.3128 : proto TCP: S 948770365:948770365(0) win 8192 checksum : 34038
0x0000: 4500 0030 244a 4000 8006 51d9 c0a8 0164 E..0$J@...Q....d
0x0010: c0a8 01f0 fe81 0c38 388d 163d 0000 0000 .......88..=....
0x0020: 7002 2000 84f6 0000 0204 05b4 0101 0402 p...............
Date=2016-06-28 Time=08:41:59 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65153 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664261120 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

Access_Server.Log

tail -10000 /log/access_server.log | grep neal
b
DEBUG Jun 28 08:14:52 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jun 28 08:14:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:14:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'name', value:'nealb@kb.local'
DEBUG Jun 28 08:14:52 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1467118338, Groupid:5, MAC:'', NAME:'nealb@kb.local'
DEBUG Jun 28 08:14:52 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:'{ "userids":["nealb@kb.local"],"uploaddata":["254186985224"],"downloaddata":["27217391412"],"cycleupload":["254186985224"],"cycledownload":["27217391412"],"usedminutes":[398884],"cycleusedminutes":[398884],"lastusedtime":["2016-06-28 08:11:59"] }'
DEBUG Jun 28 08:14:52 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { "userid":"nealb@kb.local","liveuserid":"494","bwpolicyid":"","ipaddress":"10.10.0.21","setname":"lusers", }
DEBUG Jun 28 08:16:25 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jun 28 08:16:25 [1987046208]: insert_escape_sequence: string to process nealb
DEBUG Jun 28 08:16:25 [1987046208]: insert_escape_sequence: after inserting escape seq nealb
INFO Jun 28 08:16:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb'
INFO Jun 28 08:16:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb@kentonbrothers.com'
DEBUG Jun 28 08:16:25 [1987046208]: adsauth_authenticate_user: '10.10.0.10:389':(filter: '(sAMAccountName=nealb)') USER found DN:'CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local'
DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = 'nealb@kb.local' and usertype in (1, 2, 5, 8 )
DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_get_userinfo: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_get_userinfo: column:'name', value:'nealb@kb.local'
DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_get_userinfo: column:'emailid', value:'nealb@kentonbrothers.com'
DEBUG Jun 28 08:16:25 [1994390336]: get_email_attr: email Attr: 'nealb@kentonbrothers.com'
DEBUG Jun 28 08:16:25 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = 'nealb@kb.local' and isactive > 0
DEBUG Jun 28 08:16:25 [1997469440]: do_authorization_phase2: User:'nealb@kb.local', Logincount:2
DEBUG Jun 28 08:16:25 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (505, 8, 'nealb@kb.local', 'nealb@kb.local', 'nealb', '10.10.0.21', 5, 957035, 957035, 1, 1, 1, 0, 1, 1, 0, '2015-02-21', '', 9, 2, '', '', 0)
INFO Jun 28 08:16:25 [1997469440]: handle_liveuser_insert: LIVE USER 'nealb@kb.local' INSERTED
DEBUG Jun 28 08:16:25 [1984940864]: opcode_handle_login: OPCODE: JSON:'{ "groupid": ["5","6"],"userid":"nealb@kb.local","liveuserid":"505","ipaddress":"10.10.0.21","bwpolicyid":"","webfilterid":"Allow All","appfilterid":"Allow All","starttime":"957035","clienttype":"9","setname":"lusers","addr_family":"2","ismicroapp":"0","authservername":"","macaddress":"","logintime":"2016-06-28 08:16:25" }'
DEBUG Jun 28 08:29:25 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jun 28 08:29:25 [1987046208]: insert_escape_sequence: string to process nealb
DEBUG Jun 28 08:29:25 [1987046208]: insert_escape_sequence: after inserting escape seq nealb
INFO Jun 28 08:29:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb'
INFO Jun 28 08:29:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb@kentonbrothers.com'
DEBUG Jun 28 08:29:25 [1987046208]: adsauth_authenticate_user: '10.10.0.10:389':(filter: '(sAMAccountName=nealb)') USER found DN:'CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local'
DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = 'nealb@kb.local' and usertype in (1, 2, 5, 8 )
DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_get_userinfo: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_get_userinfo: column:'name', value:'nealb@kb.local'
DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_get_userinfo: column:'emailid', value:'nealb@kentonbrothers.com'
DEBUG Jun 28 08:29:25 [1994390336]: get_email_attr: email Attr: 'nealb@kentonbrothers.com'
DEBUG Jun 28 08:29:25 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = 'nealb@kb.local' and isactive > 0
DEBUG Jun 28 08:29:25 [1997469440]: do_authorization_phase2: User:'nealb@kb.local', Logincount:3
DEBUG Jun 28 08:29:25 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (506, 8, 'nealb@kb.local', 'nealb@kb.local', 'nealb', '192.168.1.100', 5, 957814, 957814, 1, 1, 1, 0, 1, 1, 0, '2015-02-21', '', 9, 2, '', '', 0)
INFO Jun 28 08:29:25 [1997469440]: handle_liveuser_insert: LIVE USER 'nealb@kb.local' INSERTED
DEBUG Jun 28 08:29:25 [1984940864]: opcode_handle_login: OPCODE: JSON:'{ "groupid": ["5","6"],"userid":"nealb@kb.local","liveuserid":"506","ipaddress":"192.168.1.100","bwpolicyid":"","webfilterid":"Allow All","appfilterid":"Allow All","starttime":"957814","clienttype":"9","setname":"lusers","addr_family":"2","ismicroapp":"0","authservername":"","macaddress":"","logintime":"2016-06-28 08:29:25" }'
DEBUG Jun 28 08:29:51 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jun 28 08:29:51 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:29:51 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'name', value:'nealb@kb.local'
DEBUG Jun 28 08:29:51 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1467120563, Groupid:5, MAC:'', NAME:'nealb@kb.local'
DEBUG Jun 28 08:29:51 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:'{ "userids":["nealb@kb.local"],"uploaddata":["254186985224"],"downloaddata":["27217391412"],"cycleupload":["254186985224"],"cycledownload":["27217391412"],"usedminutes":[398895],"cycleusedminutes":[398895],"lastusedtime":["2016-06-28 08:26:59"] }'
DEBUG Jun 28 08:29:52 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { "userid":"nealb@kb.local","liveuserid":"506","bwpolicyid":"","ipaddress":"192.168.1.100","setname":"lusers", }
DEBUG Jun 28 08:30:00 [1997469440]: sqlite_db_handle_get_bulk_liveuseracc: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:30:00 [1997469440]: sqlite_db_handle_get_bulk_liveuseracc: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:30:00 [1997469440]: sqlite_db_handle_get_bulk_liveuseracc: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:30:00 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:'{ "userids":["davids@kb.local","haleyw@kb.local","jamess@kb.local","barney@kb.local","kristenh@kb.local","nealb@kb.local","jamess@kb.local","amys@kb.local","nealb@kb.local","nealb@kb.local"],"uploaddata":["0","0","15384850","0","0","254186985224","15384850","0","254186985224","254186985224"],"downloaddata":["0","0","51788746","0","0","27217391412","51788746","0","27217391412","27217391412"],"cycleupload":["0","0","15384850","0","0","254186985224","15384850","0","254186985224","254186985224"],"cycledownload":["0","0","51788746","0","0","27217391412","51788746","0","27217391412","27217391412"],"usedminutes":[7660,1297,91869,5016,7760,398895,91869,8173,398895,398895],"cycleusedminutes":[7660,1297,91869,5016,7760,398895,91869,8173,398895,398895],"lastusedtime":["2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59","2016-06-28 08:26:59"] }'
DEBUG Jun 28 08:34:58 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jun 28 08:34:58 [1987046208]: insert_escape_sequence: string to process nealb
DEBUG Jun 28 08:34:58 [1987046208]: insert_escape_sequence: after inserting escape seq nealb
INFO Jun 28 08:34:58 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb'
INFO Jun 28 08:34:58 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb@kentonbrothers.com'
DEBUG Jun 28 08:34:58 [1987046208]: adsauth_authenticate_user: '10.10.0.10:389':(filter: '(sAMAccountName=nealb)') USER found DN:'CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local'
DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = 'nealb@kb.local' and usertype in (1, 2, 5, 8 )
DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_get_userinfo: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_get_userinfo: column:'name', value:'nealb@kb.local'
DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_get_userinfo: column:'emailid', value:'nealb@kentonbrothers.com'
DEBUG Jun 28 08:34:58 [1994390336]: get_email_attr: email Attr: 'nealb@kentonbrothers.com'
DEBUG Jun 28 08:34:58 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = 'nealb@kb.local' and isactive > 0
DEBUG Jun 28 08:34:58 [1997469440]: do_authorization_phase2: User:'nealb@kb.local', Logincount:3
DEBUG Jun 28 08:34:58 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (506, 8, 'nealb@kb.local', 'nealb@kb.local', 'nealb', '192.168.1.100', 5, 958148, 958148, 1, 1, 1, 0, 1, 1, 0, '2015-02-21', '', 9, 2, '', '', 0)
INFO Jun 28 08:34:58 [1997469440]: handle_liveuser_insert: LIVE USER 'nealb@kb.local' INSERTED
DEBUG Jun 28 08:34:58 [1984940864]: opcode_handle_login: OPCODE: JSON:'{ "groupid": ["5","6"],"userid":"nealb@kb.local","liveuserid":"506","ipaddress":"192.168.1.100","bwpolicyid":"","webfilterid":"Allow All","appfilterid":"Allow All","starttime":"958148","clienttype":"9","setname":"lusers","addr_family":"2","ismicroapp":"0","authservername":"","macaddress":"","logintime":"2016-06-28 08:34:58" }'
DEBUG Jun 28 08:39:52 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jun 28 08:39:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'username', value:'nealb@kb.local'
DEBUG Jun 28 08:39:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'name', value:'nealb@kb.local'
DEBUG Jun 28 08:39:52 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1467120898, Groupid:5, MAC:'', NAME:'nealb@kb.local'
DEBUG Jun 28 08:39:52 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:'{ "userids":["nealb@kb.local"],"uploaddata":["254186985224"],"downloaddata":["27217391412"],"cycleupload":["254186985224"],"cycledownload":["27217391412"],"usedminutes":[398906],"cycleusedminutes":[398906],"lastusedtime":["2016-06-28 08:39:00"] }'
DEBUG Jun 28 08:39:52 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { "userid":"nealb@kb.local","liveuserid":"506","bwpolicyid":"","ipaddress":"192.168.1.100","setname":"lusers", }
Cancel
Vote Up 0 Vote Down

Cancel
0 sachingurung over 9 years ago in reply to NealBellamy

Hi Neal,

Are you using XG as a proxy on port 3128? What steps do the users take to resolve the issue? Do they reauthenticate or the error seems to resolve itself automatically?

I think we are misunderstanding the issue if the users are not getting logged out.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 NealBellamy over 9 years ago in reply to sachingurung

No we are not attempting to use the XG as a proxy. No steps are taken to resolve. It clears itself up in 30-60 seconds.
Cancel
Vote Up 0 Vote Down

Cancel
0 NealBellamy over 9 years ago in reply to NealBellamy

This is still happening. Is there any resolution?

Latest logs from today.

2016-07-22 08:31:14 0110021 IP 192.168.1.100.55516 > 192.168.1.240.3128 : proto TCP: S 2825383995:2825383995(0) win 8192 checksum : 19635
0x0000: 4500 0034 1b66 4000 8006 5ab9 c0a8 0164 E..4.f@...Z....d
0x0010: c0a8 01f0 d8dc 0c38 a867 f03b 0000 0000 .......8.g.;....
0x0020: 8002 2000 4cb3 0000 0204 05b4 0103 0308 ....L...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:14 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55516 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844627904 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:15 0102021 IP 192.168.1.100.55309 > 204.79.197.200.443 : proto TCP: F 893374328:893374328(0) win 1021 checksum : 34926
0x0000: 4500 0028 2e53 0000 8006 b858 c0a8 0164 E..(.S.....X...d
0x0010: cc4f c5c8 d80d 01bb 353f cf78 7d52 7370 .O......5?.x}Rsp
0x0020: 5011 03fd 886e 0000 0000 0000 0000 P....n........
Date=2016-07-22 Time=08:31:15 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:16 0110021 IP 192.168.1.100.55518 > 192.168.1.240.3128 : proto TCP: S 224346887:224346887(0) win 8192 checksum : 38126
0x0000: 4500 0034 5ca2 4000 8006 197d c0a8 0164 E..4\.@....}...d
0x0010: c0a8 01f0 d8de 0c38 0d5f 4307 0000 0000 .......8._C.....
0x0020: 8002 2000 94ee 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55518 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123405440 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:16 0110021 IP 192.168.1.100.55517 > 192.168.1.240.3128 : proto TCP: S 347428222:347428222(0) win 8192 checksum : 31522
0x0000: 4500 0034 0e49 4000 8006 67d6 c0a8 0164 E..4.I@...g....d
0x0010: c0a8 01f0 d8dd 0c38 14b5 557e 0000 0000 .......8..U~....
0x0020: 8002 2000 7b22 0000 0204 05b4 0103 0308 ....{"..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55517 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123405440 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:16 0110021 IP 192.168.1.100.55519 > 192.168.1.240.3128 : proto TCP: S 1733162272:1733162272(0) win 8192 checksum : 35045
0x0000: 4500 0034 3acd 4000 8006 3b52 c0a8 0164 E..4:.@...;R...d
0x0010: c0a8 01f0 d8df 0c38 674d f520 0000 0000 .......8gM......
0x0020: 8002 2000 88e5 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55519 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123405440 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:16 0110021 IP 192.168.1.100.55520 > 10.10.0.11.445 : proto TCP: S 146161296:146161296(0) win 8192 checksum : 24843
0x0000: 4500 0034 503e 4000 7f06 df64 c0a8 0164 E..4P>@....d...d
0x0010: 0a0a 000b d8e0 01bd 08b6 3e90 0000 0000 ..........>.....
0x0020: 8002 2000 610b 0000 0204 05b4 0103 0308 ....a...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55520 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=4123405440 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:17 0110021 IP 192.168.1.100.55521 > 172.16.100.1.63000 : proto TCP: S 1604708825:1604708825(0) win 8192 checksum : 25720
0x0000: 4500 0034 46c8 4000 7f06 e2dd c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d8e1 f618 5fa5 e9d9 0000 0000 ..d....._.......
0x0020: 8002 2000 6478 0000 0204 05b4 0103 0308 ....dx..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:17 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55521 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4123403520 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:18 0102021 IP 192.168.1.100.55309 > 204.79.197.200.443 : proto TCP: F 893374328:893374328(0) win 1021 checksum : 34926
0x0000: 4500 0028 2e54 0000 8006 b857 c0a8 0164 E..(.T.....W...d
0x0010: cc4f c5c8 d80d 01bb 353f cf78 7d52 7370 .O......5?.x}Rsp
0x0020: 5011 03fd 886e 0000 0000 0000 0000 P....n........
Date=2016-07-22 Time=08:31:18 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:18 0110021 IP 192.168.1.100.55523 > 192.168.1.240.3128 : proto TCP: S 3804226252:3804226252(0) win 65535 checksum : 16330
0x0000: 4500 0034 70fe 4000 8006 0521 c0a8 0164 E..4p.@....!...d
0x0010: c0a8 01f0 d8e3 0c38 e2bf e2cc 0000 0000 .......8........
0x0020: 8002 ffff 3fca 0000 0204 05b4 0103 0301 ....?...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:18 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55523 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664697216 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:20 0110021 IP 192.168.1.100.55516 > 192.168.1.240.3128 : proto TCP: S 2825383995:2825383995(0) win 8192 checksum : 24770
0x0000: 4500 0030 1b69 4000 8006 5aba c0a8 0164 E..0.i@...Z....d
0x0010: c0a8 01f0 d8dc 0c38 a867 f03b 0000 0000 .......8.g.;....
0x0020: 7002 2000 60c2 0000 0204 05b4 0101 0402 p...`...........
Date=2016-07-22 Time=08:31:20 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55516 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664489600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:21 0110021 IP 192.168.1.100.55523 > 192.168.1.240.3128 : proto TCP: S 3804226252:3804226252(0) win 65535 checksum : 16330
0x0000: 4500 0034 70ff 4000 8006 0520 c0a8 0164 E..4p.@........d
0x0010: c0a8 01f0 d8e3 0c38 e2bf e2cc 0000 0000 .......8........
0x0020: 8002 ffff 3fca 0000 0204 05b4 0103 0301 ....?...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:21 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55523 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081054016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:22 0110021 IP 192.168.1.100.55526 > 172.16.100.1.63000 : proto TCP: S 1068425957:1068425957(0) win 8192 checksum : 35678
0x0000: 4500 0034 46c9 4000 7f06 e2dc c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d8e6 f618 3fae e2e5 0000 0000 ..d.....?.......
0x0020: 8002 2000 8b5e 0000 0204 05b4 0103 0308 .....^..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55526 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4081055936 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:22 0110021 IP 192.168.1.100.55517 > 192.168.1.240.3128 : proto TCP: S 347428222:347428222(0) win 8192 checksum : 36657
0x0000: 4500 0030 0e4a 4000 8006 67d9 c0a8 0164 E..0.J@...g....d
0x0010: c0a8 01f0 d8dd 0c38 14b5 557e 0000 0000 .......8..U~....
0x0020: 7002 2000 8f31 0000 0204 05b4 0101 0402 p....1..........
Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55517 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081055936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:22 0110021 IP 192.168.1.100.55519 > 192.168.1.240.3128 : proto TCP: S 1733162272:1733162272(0) win 8192 checksum : 40180
0x0000: 4500 0030 3ace 4000 8006 3b55 c0a8 0164 E..0:.@...;U...d
0x0010: c0a8 01f0 d8df 0c38 674d f520 0000 0000 .......8gM......
0x0020: 7002 2000 9cf4 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55519 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081055936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:22 0110021 IP 192.168.1.100.55518 > 192.168.1.240.3128 : proto TCP: S 224346887:224346887(0) win 8192 checksum : 43261
0x0000: 4500 0030 5ca3 4000 8006 1980 c0a8 0164 E..0\.@........d
0x0010: c0a8 01f0 d8de 0c38 0d5f 4307 0000 0000 .......8._C.....
0x0020: 7002 2000 a8fd 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55518 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081055936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:22 0110021 IP 192.168.1.100.55520 > 10.10.0.11.445 : proto TCP: S 146161296:146161296(0) win 8192 checksum : 29978
0x0000: 4500 0030 5043 4000 7f06 df63 c0a8 0164 E..0PC@....c...d
0x0010: 0a0a 000b d8e0 01bd 08b6 3e90 0000 0000 ..........>.....
0x0020: 7002 2000 751a 0000 0204 05b4 0101 0402 p...u...........
Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55520 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=4081055936 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:22 0102021 IP 192.168.1.100.55309 > 204.79.197.200.443 : proto TCP: F 893374328:893374328(0) win 1021 checksum : 34926
0x0000: 4500 0028 2e55 0000 8006 b856 c0a8 0164 E..(.U.....V...d
0x0010: cc4f c5c8 d80d 01bb 353f cf78 7d52 7370 .O......5?.x}Rsp
0x0020: 5011 03fd 886e 0000 0000 0000 0000 P....n........
Date=2016-07-22 Time=08:31:22 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:23 0110021 IP 192.168.1.100.55521 > 172.16.100.1.63000 : proto TCP: S 1604708825:1604708825(0) win 8192 checksum : 30855
0x0000: 4500 0030 46ca 4000 7f06 e2df c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d8e1 f618 5fa5 e9d9 0000 0000 ..d....._.......
0x0020: 7002 2000 7887 0000 0204 05b4 0101 0402 p...x...........
Date=2016-07-22 Time=08:31:23 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55521 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2303279424 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:25 0110021 IP 192.168.1.100.55526 > 172.16.100.1.63000 : proto TCP: S 1068425957:1068425957(0) win 8192 checksum : 35678
0x0000: 4500 0034 46cb 4000 7f06 e2da c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d8e6 f618 3fae e2e5 0000 0000 ..d.....?.......
0x0020: 8002 2000 8b5e 0000 0204 05b4 0103 0308 .....^..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:25 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55526 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2303279424 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:27 0110021 IP 192.168.1.100.55523 > 192.168.1.240.3128 : proto TCP: S 3804226252:3804226252(0) win 65535 checksum : 21458
0x0000: 4500 0030 7100 4000 8006 0523 c0a8 0164 E..0q.@....#...d
0x0010: c0a8 01f0 d8e3 0c38 e2bf e2cc 0000 0000 .......8........
0x0020: 7002 ffff 53d2 0000 0204 05b4 0101 0402 p...S...........
Date=2016-07-22 Time=08:31:27 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55523 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:29 0101021 IP 192.168.1.100.65388 > 74.125.198.188.5228 : proto TCP: 4010688854:4010688855(1) ack 4257780136 win 258 checksum : 2012
0x0000: 4500 0029 05ff 4000 7f06 228a c0a8 0164 E..)..@..."....d
0x0010: 4a7d c6bc ff6c 146c ef0e 4156 fdc8 91a8 J}...l.l..AV....
0x0020: 5010 0102 07dc 0000 00 P........
Date=2016-07-22 Time=08:31:29 log_id=0101021 log_type=Firewall log_component=Firewall_Rule log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=74.125.198.188 l4_protocol=TCP source_port=65388 dest_port=5228 fw_rule_id=0 policytype=1 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=12 category_id=720 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=1 inmark=0 nfqueue=0 scanflags=100 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3961856640 status=0 state=414 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:31 0110021 IP 192.168.1.100.55526 > 172.16.100.1.63000 : proto TCP: S 1068425957:1068425957(0) win 8192 checksum : 40813
0x0000: 4500 0030 46cc 4000 7f06 e2dd c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d8e6 f618 3fae e2e5 0000 0000 ..d.....?.......
0x0020: 7002 2000 9f6d 0000 0204 05b4 0101 0402 p....m..........
Date=2016-07-22 Time=08:31:31 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55526 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2415784256 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:32 0102021 IP 192.168.1.100.55309 > 204.79.197.200.443 : proto TCP: R 893374329:893374329(0) checksum : 35943
0x0000: 4500 0028 2e56 0000 8006 b855 c0a8 0164 E..(.V.....U...d
0x0010: cc4f c5c8 d80d 01bb 353f cf79 7d52 7370 .O......5?.y}Rsp
0x0020: 5014 0000 8c67 0000 0000 0000 0000 P....g........
Date=2016-07-22 Time=08:31:32 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:32 0110021 IP 192.168.1.100.55531 > 192.168.1.240.3128 : proto TCP: S 3816228924:3816228924(0) win 8192 checksum : 63891
0x0000: 4500 0034 2407 4000 8006 5218 c0a8 0164 E..4$.@...R....d
0x0010: c0a8 01f0 d8eb 0c38 e377 083c 0000 0000 .......8.w.<....
0x0020: 8002 2000 f993 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:32 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55531 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344640 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0110021 IP 192.168.1.100.55532 > 192.168.1.240.3128 : proto TCP: S 334875236:334875236(0) win 8192 checksum : 1773
0x0000: 4500 0034 2a13 4000 8006 4c0c c0a8 0164 E..4*.@...L....d
0x0010: c0a8 01f0 d8ec 0c38 13f5 ca64 0000 0000 .......8...d....
0x0020: 8002 2000 06ed 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55532 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344960 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0110021 IP 192.168.1.100.55533 > 192.168.1.240.3128 : proto TCP: S 371773817:371773817(0) win 8192 checksum : 64931
0x0000: 4500 0034 2a14 4000 8006 4c0b c0a8 0164 E..4*.@...L....d
0x0010: c0a8 01f0 d8ed 0c38 1628 d179 0000 0000 .......8.(.y....
0x0020: 8002 2000 fda3 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55533 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344960 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394
0x0000: 4500 0028 2e57 0000 8006 b854 c0a8 0164 E..(.W.....T...d
0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.
0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........
Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619
0x0000: 4500 0028 2e58 0000 8006 b853 c0a8 0164 E..(.X.....S...d
0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.
0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........
Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385
0x0000: 4500 0028 2e59 0000 8006 b852 c0a8 0164 E..(.Y.....R...d
0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......
0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315
0x0000: 4500 0028 2e5a 0000 8006 b851 c0a8 0164 E..(.Z.....Q...d
0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.
0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........
Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0110021 IP 192.168.1.100.55534 > 192.168.1.240.3128 : proto TCP: S 2225067063:2225067063(0) win 65535 checksum : 44141
0x0000: 4500 0034 2e5b 4000 8006 47c4 c0a8 0164 E..4.[@...G....d
0x0010: c0a8 01f0 d8ee 0c38 849f d437 0000 0000 .......8...7....
0x0020: 8002 ffff ac6d 0000 0204 05b4 0103 0308 .....m..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55534 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0110021 IP 192.168.1.100.55535 > 192.168.1.240.3128 : proto TCP: S 784044582:784044582(0) win 65535 checksum : 17506
0x0000: 4500 0034 2e5c 4000 8006 47c3 c0a8 0164 E..4.\@...G....d
0x0010: c0a8 01f0 d8ef 0c38 2ebb 9226 0000 0000 .......8...&....
0x0020: 8002 ffff 4462 0000 0204 05b4 0103 0308 ....Db..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55535 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:33 0110021 IP 192.168.1.100.55536 > 192.168.1.240.3128 : proto TCP: S 2393637410:2393637410(0) win 65535 checksum : 29812
0x0000: 4500 0034 2e5d 4000 8006 47c2 c0a8 0164 E..4.]@...G....d
0x0010: c0a8 01f0 d8f0 0c38 8eac 0222 0000 0000 .......8..."....
0x0020: 8002 ffff 7474 0000 0204 05b4 0103 0308 ....tt..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55536 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0110021 IP 192.168.1.100.55537 > 192.168.1.240.3128 : proto TCP: S 1131090382:1131090382(0) win 65535 checksum : 45064
0x0000: 4500 0034 2e5e 4000 8006 47c1 c0a8 0164 E..4.^@...G....d
0x0010: c0a8 01f0 d8f1 0c38 436b 11ce 0000 0000 .......8Ck......
0x0020: 8002 ffff b008 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55537 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394
0x0000: 4500 0028 2e5f 0000 8006 b84c c0a8 0164 E..(._.....L...d
0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.
0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619
0x0000: 4500 0028 2e60 0000 8006 b84b c0a8 0164 E..(.`.....K...d
0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.
0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385
0x0000: 4500 0028 2e61 0000 8006 b84a c0a8 0164 E..(.a.....J...d
0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......
0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315
0x0000: 4500 0028 2e62 0000 8006 b849 c0a8 0164 E..(.b.....I...d
0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.
0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0110021 IP 192.168.1.100.55538 > 10.10.0.11.445 : proto TCP: S 3000427207:3000427207(0) win 8192 checksum : 4769
0x0000: 4500 0034 505c 4000 7f06 df46 c0a8 0164 E..4P\@....F...d
0x0010: 0a0a 000b d8f2 01bd b2d6 e2c7 0000 0000 ................
0x0020: 8002 2000 12a1 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55538 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=2570345280 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394
0x0000: 4500 0028 2e64 0000 8006 b847 c0a8 0164 E..(.d.....G...d
0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.
0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619
0x0000: 4500 0028 2e65 0000 8006 b846 c0a8 0164 E..(.e.....F...d
0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.
0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385
0x0000: 4500 0028 2e63 0000 8006 b848 c0a8 0164 E..(.c.....H...d
0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......
0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315
0x0000: 4500 0028 2e66 0000 8006 b845 c0a8 0164 E..(.f.....E...d
0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.
0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........
Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0110021 IP 192.168.1.100.55534 > 192.168.1.240.3128 : proto TCP: S 2225067063:2225067063(0) win 65535 checksum : 44141
0x0000: 4500 0034 2e67 4000 8006 47b8 c0a8 0164 E..4.g@...G....d
0x0010: c0a8 01f0 d8ee 0c38 849f d437 0000 0000 .......8...7....
0x0020: 8002 ffff ac6d 0000 0204 05b4 0103 0308 .....m..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55534 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0110021 IP 192.168.1.100.55535 > 192.168.1.240.3128 : proto TCP: S 784044582:784044582(0) win 65535 checksum : 17506
0x0000: 4500 0034 2e68 4000 8006 47b7 c0a8 0164 E..4.h@...G....d
0x0010: c0a8 01f0 d8ef 0c38 2ebb 9226 0000 0000 .......8...&....
0x0020: 8002 ffff 4462 0000 0204 05b4 0103 0308 ....Db..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55535 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:34 0110021 IP 192.168.1.100.55536 > 192.168.1.240.3128 : proto TCP: S 2393637410:2393637410(0) win 65535 checksum : 29812
0x0000: 4500 0034 2e69 4000 8006 47b6 c0a8 0164 E..4.i@...G....d
0x0010: c0a8 01f0 d8f0 0c38 8eac 0222 0000 0000 .......8..."....
0x0020: 8002 ffff 7474 0000 0204 05b4 0103 0308 ....tt..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55536 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0110021 IP 192.168.1.100.55537 > 192.168.1.240.3128 : proto TCP: S 1131090382:1131090382(0) win 65535 checksum : 45064
0x0000: 4500 0034 2e6a 4000 8006 47b5 c0a8 0164 E..4.j@...G....d
0x0010: c0a8 01f0 d8f1 0c38 436b 11ce 0000 0000 .......8Ck......
0x0020: 8002 ffff b008 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55537 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0110021 IP 192.168.1.100.55539 > 192.168.1.240.3128 : proto TCP: S 3638825863:3638825863(0) win 8192 checksum : 63699
0x0000: 4500 0034 5ca4 4000 8006 197b c0a8 0164 E..4\.@....{...d
0x0010: c0a8 01f0 d8f3 0c38 d8e4 1387 0000 0000 .......8........
0x0020: 8002 2000 f8d3 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55539 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0110021 IP 192.168.1.100.55541 > 192.168.1.240.3128 : proto TCP: S 1304003166:1304003166(0) win 8192 checksum : 5414
0x0000: 4500 0034 3acf 4000 8006 3b50 c0a8 0164 E..4:.@...;P...d
0x0010: c0a8 01f0 d8f5 0c38 4db9 825e 0000 0000 .......8M..^....
0x0020: 8002 2000 1526 0000 0204 05b4 0103 0308 .....&..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55541 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0110021 IP 192.168.1.100.55540 > 192.168.1.240.3128 : proto TCP: S 1406539676:1406539676(0) win 8192 checksum : 31180
0x0000: 4500 0034 0e4b 4000 8006 67d4 c0a8 0164 E..4.K@...g....d
0x0010: c0a8 01f0 d8f4 0c38 53d6 179c 0000 0000 .......8S.......
0x0020: 8002 2000 79cc 0000 0204 05b4 0103 0308 ....y...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55540 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0110021 IP 192.168.1.100.55542 > 172.16.100.1.63000 : proto TCP: S 1833238893:1833238893(0) win 8192 checksum : 16176
0x0000: 4500 0034 46cd 4000 7f06 e2d8 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d8f6 f618 6d45 016d 0000 0000 ..d.....mE.m....
0x0020: 8002 2000 3f30 0000 0204 05b4 0103 0308 ....?0..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55542 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2844875264 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0110021 IP 192.168.1.100.55531 > 192.168.1.240.3128 : proto TCP: S 3816228924:3816228924(0) win 8192 checksum : 63891
0x0000: 4500 0034 2408 4000 8006 5217 c0a8 0164 E..4$.@...R....d
0x0010: c0a8 01f0 d8eb 0c38 e377 083c 0000 0000 .......8.w.<....
0x0020: 8002 2000 f993 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55531 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392830272 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:35 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394
0x0000: 4500 0028 2e6b 0000 8006 b840 c0a8 0164 E..(.k.....@...d
0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.
0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........
Date=2016-07-22 Time=08:31:35 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619
0x0000: 4500 0028 2e6c 0000 8006 b83f c0a8 0164 E..(.l.....?...d
0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.
0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........
Date=2016-07-22 Time=08:31:36 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385
0x0000: 4500 0028 2e6d 0000 8006 b83e c0a8 0164 E..(.m.....>...d
0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......
0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:36 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315
0x0000: 4500 0028 2e6e 0000 8006 b83d c0a8 0164 E..(.n.....=...d
0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.
0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........
Date=2016-07-22 Time=08:31:36 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0110021 IP 192.168.1.100.55532 > 192.168.1.240.3128 : proto TCP: S 334875236:334875236(0) win 8192 checksum : 1773
0x0000: 4500 0034 2a15 4000 8006 4c0a c0a8 0164 E..4*.@...L....d
0x0010: c0a8 01f0 d8ec 0c38 13f5 ca64 0000 0000 .......8...d....
0x0020: 8002 2000 06ed 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55532 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2975501760 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0110021 IP 192.168.1.100.55533 > 192.168.1.240.3128 : proto TCP: S 371773817:371773817(0) win 8192 checksum : 64931
0x0000: 4500 0034 2a16 4000 8006 4c09 c0a8 0164 E..4*.@...L....d
0x0010: c0a8 01f0 d8ed 0c38 1628 d179 0000 0000 .......8.(.y....
0x0020: 8002 2000 fda3 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55533 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2975499200 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0110021 IP 192.168.1.100.55534 > 192.168.1.240.3128 : proto TCP: S 2225067063:2225067063(0) win 65535 checksum : 49276
0x0000: 4500 0030 2e6f 4000 8006 47b4 c0a8 0164 E..0.o@...G....d
0x0010: c0a8 01f0 d8ee 0c38 849f d437 0000 0000 .......8...7....
0x0020: 7002 ffff c07c 0000 0204 05b4 0101 0402 p....|..........
Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55534 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0110021 IP 192.168.1.100.55535 > 192.168.1.240.3128 : proto TCP: S 784044582:784044582(0) win 65535 checksum : 22641
0x0000: 4500 0030 2e70 4000 8006 47b3 c0a8 0164 E..0.p@...G....d
0x0010: c0a8 01f0 d8ef 0c38 2ebb 9226 0000 0000 .......8...&....
0x0020: 7002 ffff 5871 0000 0204 05b4 0101 0402 p...Xq..........
Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55535 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:36 0110021 IP 192.168.1.100.55536 > 192.168.1.240.3128 : proto TCP: S 2393637410:2393637410(0) win 65535 checksum : 34947
0x0000: 4500 0030 2e71 4000 8006 47b2 c0a8 0164 E..0.q@...G....d
0x0010: c0a8 01f0 d8f0 0c38 8eac 0222 0000 0000 .......8..."....
0x0020: 7002 ffff 8883 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55536 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:37 0110021 IP 192.168.1.100.55537 > 192.168.1.240.3128 : proto TCP: S 1131090382:1131090382(0) win 65535 checksum : 50199
0x0000: 4500 0030 2e72 4000 8006 47b1 c0a8 0164 E..0.r@...G....d
0x0010: c0a8 01f0 d8f1 0c38 436b 11ce 0000 0000 .......8Ck......
0x0020: 7002 ffff c417 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:37 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55537 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:37 0110021 IP 192.168.1.100.55538 > 10.10.0.11.445 : proto TCP: S 3000427207:3000427207(0) win 8192 checksum : 4769
0x0000: 4500 0034 505f 4000 7f06 df43 c0a8 0164 E..4P_@....C...d
0x0010: 0a0a 000b d8f2 01bd b2d6 e2c7 0000 0000 ................
0x0020: 8002 2000 12a1 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:37 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55538 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=2485678400 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0110021 IP 192.168.1.100.55541 > 192.168.1.240.3128 : proto TCP: S 1304003166:1304003166(0) win 8192 checksum : 5414
0x0000: 4500 0034 3ad0 4000 8006 3b4f c0a8 0164 E..4:.@...;O...d
0x0010: c0a8 01f0 d8f5 0c38 4db9 825e 0000 0000 .......8M..^....
0x0020: 8002 2000 1526 0000 0204 05b4 0103 0308 .....&..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55541 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062208 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0110021 IP 192.168.1.100.55539 > 192.168.1.240.3128 : proto TCP: S 3638825863:3638825863(0) win 8192 checksum : 63699
0x0000: 4500 0034 5ca5 4000 8006 197a c0a8 0164 E..4\.@....z...d
0x0010: c0a8 01f0 d8f3 0c38 d8e4 1387 0000 0000 .......8........
0x0020: 8002 2000 f8d3 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55539 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062208 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0110021 IP 192.168.1.100.55540 > 192.168.1.240.3128 : proto TCP: S 1406539676:1406539676(0) win 8192 checksum : 31180
0x0000: 4500 0034 0e4c 4000 8006 67d3 c0a8 0164 E..4.L@...g....d
0x0010: c0a8 01f0 d8f4 0c38 53d6 179c 0000 0000 .......8S.......
0x0020: 8002 2000 79cc 0000 0204 05b4 0103 0308 ....y...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55540 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062208 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394
0x0000: 4500 0028 2e73 0000 8006 b838 c0a8 0164 E..(.s.....8...d
0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.
0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........
Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315
0x0000: 4500 0028 2e74 0000 8006 b837 c0a8 0164 E..(.t.....7...d
0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.
0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........
Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619
0x0000: 4500 0028 2e76 0000 8006 b835 c0a8 0164 E..(.v.....5...d
0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.
0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........
Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385
0x0000: 4500 0028 2e75 0000 8006 b836 c0a8 0164 E..(.u.....6...d
0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......
0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0110021 IP 192.168.1.100.55542 > 172.16.100.1.63000 : proto TCP: S 1833238893:1833238893(0) win 8192 checksum : 16176
0x0000: 4500 0034 46ce 4000 7f06 e2d7 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d8f6 f618 6d45 016d 0000 0000 ..d.....mE.m....
0x0020: 8002 2000 3f30 0000 0204 05b4 0103 0308 ....?0..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55542 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2696062208 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:38 0110021 IP 192.168.1.100.55545 > 192.168.1.240.3128 : proto TCP: S 2956320431:2956320431(0) win 65535 checksum : 30292
0x0000: 4500 0034 2e77 4000 8006 47a8 c0a8 0164 E..4.w@...G....d
0x0010: c0a8 01f0 d8f9 0c38 b035 deaf 0000 0000 .......8.5......
0x0020: 8002 ffff 7654 0000 0204 05b4 0103 0308 ....vT..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55545 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062848 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:39 0110021 IP 192.168.1.100.55545 > 192.168.1.240.3128 : proto TCP: S 2956320431:2956320431(0) win 65535 checksum : 30292
0x0000: 4500 0034 2e78 4000 8006 47a7 c0a8 0164 E..4.x@...G....d
0x0010: c0a8 01f0 d8f9 0c38 b035 deaf 0000 0000 .......8.5......
0x0020: 8002 ffff 7654 0000 0204 05b4 0103 0308 ....vT..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:39 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55545 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062848 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:40 0110021 IP 192.168.1.100.55546 > 192.168.1.240.3128 : proto TCP: S 4046358471:4046358471(0) win 65535 checksum : 35906
0x0000: 4500 0034 2e79 4000 8006 47a6 c0a8 0164 E..4.y@...G....d
0x0010: c0a8 01f0 d8fa 0c38 f12e 87c7 0000 0000 .......8........
0x0020: 8002 ffff 8c42 0000 0204 05b4 0103 0308 .....B..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:40 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55546 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696064448 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:40 0110021 IP 192.168.1.100.55547 > 192.168.1.240.3128 : proto TCP: S 768339368:768339368(0) win 65535 checksum : 59843
0x0000: 4500 0034 2e7a 4000 8006 47a5 c0a8 0164 E..4.z@...G....d
0x0010: c0a8 01f0 d8fb 0c38 2dcb eda8 0000 0000 .......8-.......
0x0020: 8002 ffff e9c3 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:40 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55547 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696063488 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:40 0110021 IP 192.168.1.100.55548 > 192.168.1.240.3128 : proto TCP: S 2229912160:2229912160(0) win 65535 checksum : 48620
0x0000: 4500 0034 2e7b 4000 8006 47a4 c0a8 0164 E..4.{@...G....d
0x0010: c0a8 01f0 d8fc 0c38 84e9 c260 0000 0000 .......8...`....
0x0020: 8002 ffff bdec 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:40 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55548 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696063488 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:41 0110021 IP 192.168.1.100.55549 > 192.168.1.240.3128 : proto TCP: S 200343029:200343029(0) win 65535 checksum : 64335
0x0000: 4500 0034 2e7c 4000 8006 47a3 c0a8 0164 E..4.|@...G....d
0x0010: c0a8 01f0 d8fd 0c38 0bf0 fdf5 0000 0000 .......8........
0x0020: 8002 ffff fb4f 0000 0204 05b4 0103 0308 .....O..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55549 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696064128 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:41 0110021 IP 192.168.1.100.55531 > 192.168.1.240.3128 : proto TCP: S 3816228924:3816228924(0) win 8192 checksum : 3491
0x0000: 4500 0030 240e 4000 8006 5215 c0a8 0164 E..0$.@...R....d
0x0010: c0a8 01f0 d8eb 0c38 e377 083c 0000 0000 .......8.w.<....
0x0020: 7002 2000 0da3 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55531 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3961010688 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:41 0110021 IP 192.168.1.100.55546 > 192.168.1.240.3128 : proto TCP: S 4046358471:4046358471(0) win 65535 checksum : 35906
0x0000: 4500 0034 2e7d 4000 8006 47a2 c0a8 0164 E..4.}@...G....d
0x0010: c0a8 01f0 d8fa 0c38 f12e 87c7 0000 0000 .......8........
0x0020: 8002 ffff 8c42 0000 0204 05b4 0103 0308 .....B..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55546 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:41 0110021 IP 192.168.1.100.55545 > 192.168.1.240.3128 : proto TCP: S 2956320431:2956320431(0) win 65535 checksum : 35427
0x0000: 4500 0030 2e7e 4000 8006 47a5 c0a8 0164 E..0.~@...G....d
0x0010: c0a8 01f0 d8f9 0c38 b035 deaf 0000 0000 .......8.5......
0x0020: 7002 ffff 8a63 0000 0204 05b4 0101 0402 p....c..........
Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55545 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:41 0110021 IP 192.168.1.100.55547 > 192.168.1.240.3128 : proto TCP: S 768339368:768339368(0) win 65535 checksum : 59843
0x0000: 4500 0034 2e7f 4000 8006 47a0 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d8fb 0c38 2dcb eda8 0000 0000 .......8-.......
0x0020: 8002 ffff e9c3 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55547 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:41 0110021 IP 192.168.1.100.55548 > 192.168.1.240.3128 : proto TCP: S 2229912160:2229912160(0) win 65535 checksum : 48620
0x0000: 4500 0034 2e80 4000 8006 479f c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d8fc 0c38 84e9 c260 0000 0000 .......8...`....
0x0020: 8002 ffff bdec 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55548 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:42 0110021 IP 192.168.1.100.55549 > 192.168.1.240.3128 : proto TCP: S 200343029:200343029(0) win 65535 checksum : 64335
0x0000: 4500 0034 2e81 4000 8006 479e c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d8fd 0c38 0bf0 fdf5 0000 0000 .......8........
0x0020: 8002 ffff fb4f 0000 0204 05b4 0103 0308 .....O..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55549 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123403840 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:42 0110021 IP 192.168.1.100.55532 > 192.168.1.240.3128 : proto TCP: S 334875236:334875236(0) win 8192 checksum : 6908
0x0000: 4500 0030 2a17 4000 8006 4c0c c0a8 0164 E..0*.@...L....d
0x0010: c0a8 01f0 d8ec 0c38 13f5 ca64 0000 0000 .......8...d....
0x0020: 7002 2000 1afc 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55532 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:42 0110021 IP 192.168.1.100.55533 > 192.168.1.240.3128 : proto TCP: S 371773817:371773817(0) win 8192 checksum : 4531
0x0000: 4500 0030 2a18 4000 8006 4c0b c0a8 0164 E..0*.@...L....d
0x0010: c0a8 01f0 d8ed 0c38 1628 d179 0000 0000 .......8.(.y....
0x0020: 7002 2000 11b3 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55533 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0110021 IP 192.168.1.100.55552 > 172.16.100.1.63000 : proto TCP: S 708867795:708867795(0) win 8192 checksum : 3269
0x0000: 4500 0034 46cf 4000 7f06 e2d6 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d900 f618 2a40 76d3 0000 0000 ..d.....*@v.....
0x0020: 8002 2000 0cc5 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55552 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664487360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394
0x0000: 4500 0028 2e82 0000 8006 b829 c0a8 0164 E..(.......)...d
0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.
0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........
Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315
0x0000: 4500 0028 2e83 0000 8006 b828 c0a8 0164 E..(.......(...d
0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.
0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........
Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619
0x0000: 4500 0028 2e84 0000 8006 b827 c0a8 0164 E..(.......'...d
0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.
0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........
Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385
0x0000: 4500 0028 2e85 0000 8006 b826 c0a8 0164 E..(.......&...d
0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......
0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0110021 IP 192.168.1.100.55538 > 10.10.0.11.445 : proto TCP: S 3000427207:3000427207(0) win 8192 checksum : 9904
0x0000: 4500 0030 5060 4000 7f06 df46 c0a8 0164 E..0P`@....F...d
0x0010: 0a0a 000b d8f2 01bd b2d6 e2c7 0000 0000 ................
0x0020: 7002 2000 26b0 0000 0204 05b4 0101 0402 p...&...........
Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55538 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664487360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0110021 IP 192.168.1.100.55546 > 192.168.1.240.3128 : proto TCP: S 4046358471:4046358471(0) win 65535 checksum : 41041
0x0000: 4500 0030 2e86 4000 8006 479d c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d8fa 0c38 f12e 87c7 0000 0000 .......8........
0x0020: 7002 ffff a051 0000 0204 05b4 0101 0402 p....Q..........
Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55546 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0110021 IP 192.168.1.100.55547 > 192.168.1.240.3128 : proto TCP: S 768339368:768339368(0) win 65535 checksum : 64978
0x0000: 4500 0030 2e87 4000 8006 479c c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d8fb 0c38 2dcb eda8 0000 0000 .......8-.......
0x0020: 7002 ffff fdd2 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55547 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:43 0110021 IP 192.168.1.100.55548 > 192.168.1.240.3128 : proto TCP: S 2229912160:2229912160(0) win 65535 checksum : 53755
0x0000: 4500 0030 2e88 4000 8006 479b c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d8fc 0c38 84e9 c260 0000 0000 .......8...`....
0x0020: 7002 ffff d1fb 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55548 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:44 0110021 IP 192.168.1.100.55549 > 192.168.1.240.3128 : proto TCP: S 200343029:200343029(0) win 65535 checksum : 3935
0x0000: 4500 0030 2e89 4000 8006 479a c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d8fd 0c38 0bf0 fdf5 0000 0000 .......8........
0x0020: 7002 ffff 0f5f 0000 0204 05b4 0101 0402 p...._..........
Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55549 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:44 0110021 IP 192.168.1.100.55539 > 192.168.1.240.3128 : proto TCP: S 3638825863:3638825863(0) win 8192 checksum : 3299
0x0000: 4500 0030 5ca6 4000 8006 197d c0a8 0164 E..0\.@....}...d
0x0010: c0a8 01f0 d8f3 0c38 d8e4 1387 0000 0000 .......8........
0x0020: 7002 2000 0ce3 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55539 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:44 0110021 IP 192.168.1.100.55540 > 192.168.1.240.3128 : proto TCP: S 1406539676:1406539676(0) win 8192 checksum : 36315
0x0000: 4500 0030 0e4d 4000 8006 67d6 c0a8 0164 E..0.M@...g....d
0x0010: c0a8 01f0 d8f4 0c38 53d6 179c 0000 0000 .......8S.......
0x0020: 7002 2000 8ddb 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55540 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:44 0110021 IP 192.168.1.100.55541 > 192.168.1.240.3128 : proto TCP: S 1304003166:1304003166(0) win 8192 checksum : 10549
0x0000: 4500 0030 3ad1 4000 8006 3b52 c0a8 0164 E..0:.@...;R...d
0x0010: c0a8 01f0 d8f5 0c38 4db9 825e 0000 0000 .......8M..^....
0x0020: 7002 2000 2935 0000 0204 05b4 0101 0402 p...)5..........
Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55541 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:44 0110021 IP 192.168.1.100.55542 > 172.16.100.1.63000 : proto TCP: S 1833238893:1833238893(0) win 8192 checksum : 21311
0x0000: 4500 0030 46d0 4000 7f06 e2d9 c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d8f6 f618 6d45 016d 0000 0000 ..d.....mE.m....
0x0020: 7002 2000 533f 0000 0204 05b4 0101 0402 p...S?..........
Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55542 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664487360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:46 0110021 IP 192.168.1.100.55552 > 172.16.100.1.63000 : proto TCP: S 708867795:708867795(0) win 8192 checksum : 3269
0x0000: 4500 0034 46d1 4000 7f06 e2d4 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d900 f618 2a40 76d3 0000 0000 ..d.....*@v.....
0x0020: 8002 2000 0cc5 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:46 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55552 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2845349760 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:47 0110021 IP 192.168.1.100.55555 > 10.10.0.10.2172 : proto TCP: S 784113761:784113761(0) win 8192 checksum : 53842
0x0000: 4500 0034 2a1a 4000 7f06 058a c0a8 0164 E..4*.@........d
0x0010: 0a0a 000a d903 087c 2ebc a061 0000 0000 .......|...a....
0x0020: 8002 2000 d252 0000 0204 05b4 0103 0308 .....R..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.10 l4_protocol=TCP source_port=55555 dest_port=2172 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3665591104 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:47 0110021 IP 192.168.1.100.55556 > 192.168.1.240.3128 : proto TCP: S 3318257868:3318257868(0) win 65535 checksum : 42649
0x0000: 4500 0034 2e8a 4000 8006 4795 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d904 0c38 c5c8 98cc 0000 0000 .......8........
0x0020: 8002 ffff a699 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55556 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591104 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:47 0110021 IP 192.168.1.100.55557 > 192.168.1.240.3128 : proto TCP: S 3145586173:3145586173(0) win 65535 checksum : 29618
0x0000: 4500 0034 2e8b 4000 8006 4794 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d905 0c38 bb7d d5fd 0000 0000 .......8.}......
0x0020: 8002 ffff 73b2 0000 0204 05b4 0103 0308 ....s...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55557 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591104 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:48 0110021 IP 192.168.1.100.55558 > 192.168.1.240.3128 : proto TCP: S 2814865323:2814865323(0) win 65535 checksum : 60857
0x0000: 4500 0034 2e8c 4000 8006 4793 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d906 0c38 a7c7 6fab 0000 0000 .......8..o.....
0x0020: 8002 ffff edb9 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:48 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55558 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591104 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:48 0110021 IP 192.168.1.100.55556 > 192.168.1.240.3128 : proto TCP: S 3318257868:3318257868(0) win 65535 checksum : 42649
0x0000: 4500 0034 2e8d 4000 8006 4792 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d904 0c38 c5c8 98cc 0000 0000 .......8........
0x0020: 8002 ffff a699 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:48 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55556 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2304414016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:48 0110021 IP 192.168.1.100.55557 > 192.168.1.240.3128 : proto TCP: S 3145586173:3145586173(0) win 65535 checksum : 29618
0x0000: 4500 0034 2e8e 4000 8006 4791 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d905 0c38 bb7d d5fd 0000 0000 .......8.}......
0x0020: 8002 ffff 73b2 0000 0204 05b4 0103 0308 ....s...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:48 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55557 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2304414016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:49 0110021 IP 192.168.1.100.55558 > 192.168.1.240.3128 : proto TCP: S 2814865323:2814865323(0) win 65535 checksum : 60857
0x0000: 4500 0034 2e8f 4000 8006 4790 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d906 0c38 a7c7 6fab 0000 0000 .......8..o.....
0x0020: 8002 ffff edb9 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:49 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55558 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2304414016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:50 0110021 IP 192.168.1.100.55555 > 10.10.0.10.2172 : proto TCP: S 784113761:784113761(0) win 8192 checksum : 53842
0x0000: 4500 0034 2a1b 4000 7f06 0589 c0a8 0164 E..4*.@........d
0x0010: 0a0a 000a d903 087c 2ebc a061 0000 0000 .......|...a....
0x0020: 8002 2000 d252 0000 0204 05b4 0103 0308 .....R..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.10 l4_protocol=TCP source_port=55555 dest_port=2172 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664486400 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:50 0110021 IP 192.168.1.100.55556 > 192.168.1.240.3128 : proto TCP: S 3318257868:3318257868(0) win 65535 checksum : 47784
0x0000: 4500 0030 2e90 4000 8006 4793 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d904 0c38 c5c8 98cc 0000 0000 .......8........
0x0020: 7002 ffff baa8 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55556 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486400 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:50 0110021 IP 192.168.1.100.55557 > 192.168.1.240.3128 : proto TCP: S 3145586173:3145586173(0) win 65535 checksum : 34753
0x0000: 4500 0030 2e91 4000 8006 4792 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d905 0c38 bb7d d5fd 0000 0000 .......8.}......
0x0020: 7002 ffff 87c1 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55557 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486400 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:51 0110021 IP 192.168.1.100.55558 > 192.168.1.240.3128 : proto TCP: S 2814865323:2814865323(0) win 65535 checksum : 457
0x0000: 4500 0030 2e92 4000 8006 4791 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d906 0c38 a7c7 6fab 0000 0000 .......8..o.....
0x0020: 7002 ffff 01c9 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:51 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55558 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486400 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:52 0110021 IP 192.168.1.100.55552 > 172.16.100.1.63000 : proto TCP: S 708867795:708867795(0) win 8192 checksum : 8404
0x0000: 4500 0030 46d2 4000 7f06 e2d7 c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d900 f618 2a40 76d3 0000 0000 ..d.....*@v.....
0x0020: 7002 2000 20d4 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:52 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55552 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664486400 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:52 0102021 IP 192.168.1.100.55299 > 204.79.197.200.443 : proto TCP: R 816133676:816133676(0) checksum : 29412
0x0000: 4500 0028 2e93 0000 8006 b818 c0a8 0164 E..(...........d
0x0010: cc4f c5c8 d803 01bb 30a5 362c 463d 61fa .O......0.6,F=a.
0x0020: 5014 0000 72e4 0000 0000 0000 0000 P...r.........
Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:52 0102021 IP 192.168.1.100.55302 > 204.79.197.200.443 : proto TCP: R 2431775253:2431775253(0) checksum : 795
0x0000: 4500 0028 2e94 0000 8006 b817 c0a8 0164 E..(...........d
0x0010: cc4f c5c8 d806 01bb 90f1 f215 b8f5 42d2 .O............B.
0x0020: 5014 0000 031b 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:52 0102021 IP 192.168.1.100.55300 > 204.79.197.200.443 : proto TCP: R 1719719810:1719719810(0) checksum : 39404
0x0000: 4500 0028 2e96 0000 8006 b815 c0a8 0164 E..(...........d
0x0010: cc4f c5c8 d804 01bb 6680 d782 f8e2 b119 .O......f.......
0x0020: 5014 0000 99ec 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:52 0102021 IP 192.168.1.100.55301 > 204.79.197.200.443 : proto TCP: R 2078619922:2078619922(0) checksum : 29638
0x0000: 4500 0028 2e95 0000 8006 b816 c0a8 0164 E..(...........d
0x0010: cc4f c5c8 d805 01bb 7be5 3912 3519 2414 .O......{.9.5.$.
0x0020: 5014 0000 73c6 0000 0000 0000 0000 P...s.........
Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:52 0110021 IP 192.168.1.100.55561 > 192.168.1.240.3128 : proto TCP: S 1633958986:1633958986(0) win 65535 checksum : 26491
0x0000: 4500 0034 2e97 4000 8006 4788 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d909 0c38 6164 3c4a 0000 0000 .......8ad<J....
0x0020: 8002 ffff 677b 0000 0204 05b4 0103 0308 ....g{..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:52 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55561 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664488320 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:53 0110021 IP 192.168.1.100.55562 > 192.168.1.240.3128 : proto TCP: S 1352632981:1352632981(0) win 8192 checksum : 2548
0x0000: 4500 0034 18c2 4000 8006 5d5d c0a8 0164 E..4..@...]]...d
0x0010: c0a8 01f0 d90a 0c38 509f 8a95 0000 0000 .......8P.......
0x0020: 8002 2000 09f4 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55562 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664488320 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:53 0110021 IP 192.168.1.100.55563 > 192.168.1.240.3128 : proto TCP: S 2490719878:2490719878(0) win 8192 checksum : 61995
0x0000: 4500 0034 1380 4000 8006 629f c0a8 0164 E..4..@...b....d
0x0010: c0a8 01f0 d90b 0c38 9475 5e86 0000 0000 .......8.u^.....
0x0020: 8002 2000 f22b 0000 0204 05b4 0103 0308 .....+..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55563 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696451328 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:53 0110021 IP 192.168.1.100.55561 > 192.168.1.240.3128 : proto TCP: S 1633958986:1633958986(0) win 65535 checksum : 26491
0x0000: 4500 0034 2e98 4000 8006 4787 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d909 0c38 6164 3c4a 0000 0000 .......8ad<J....
0x0020: 8002 ffff 677b 0000 0204 05b4 0103 0308 ....g{..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55561 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696451328 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:54 0110021 IP 192.168.1.100.55564 > 192.168.1.240.3128 : proto TCP: S 3606053714:3606053714(0) win 65535 checksum : 10980
0x0000: 4500 0034 2e99 4000 8006 4786 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d90c 0c38 d6f0 0352 0000 0000 .......8...R....
0x0020: 8002 ffff 2ae4 0000 0204 05b4 0103 0308 ....*...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:54 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55564 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963451904 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:55 0110021 IP 192.168.1.100.55565 > 192.168.1.240.3128 : proto TCP: S 3622975082:3622975082(0) win 65535 checksum : 63176
0x0000: 4500 0034 2e9a 4000 8006 4785 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d90d 0c38 d7f2 366a 0000 0000 .......8..6j....
0x0020: 8002 ffff f6c8 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55565 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:55 0110021 IP 192.168.1.100.55566 > 10.10.0.11.445 : proto TCP: S 1803105247:1803105247(0) win 8192 checksum : 2251
0x0000: 4500 0034 5064 4000 7f06 df3e c0a8 0164 E..4Pd@....>...d
0x0010: 0a0a 000b d90e 01bd 6b79 33df 0000 0000 ........ky3.....
0x0020: 8002 2000 08cb 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55566 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3963450624 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:55 0110021 IP 192.168.1.100.55561 > 192.168.1.240.3128 : proto TCP: S 1633958986:1633958986(0) win 65535 checksum : 31626
0x0000: 4500 0030 2e9b 4000 8006 4788 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d909 0c38 6164 3c4a 0000 0000 .......8ad<J....
0x0020: 7002 ffff 7b8a 0000 0204 05b4 0101 0402 p...{...........
Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55561 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:55 0110021 IP 192.168.1.100.55564 > 192.168.1.240.3128 : proto TCP: S 3606053714:3606053714(0) win 65535 checksum : 10980
0x0000: 4500 0034 2e9c 4000 8006 4783 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d90c 0c38 d6f0 0352 0000 0000 .......8...R....
0x0020: 8002 ffff 2ae4 0000 0204 05b4 0103 0308 ....*...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55564 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:56 0110021 IP 192.168.1.100.55565 > 192.168.1.240.3128 : proto TCP: S 3622975082:3622975082(0) win 65535 checksum : 63176
0x0000: 4500 0034 2e9d 4000 8006 4782 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d90d 0c38 d7f2 366a 0000 0000 .......8..6j....
0x0020: 8002 ffff f6c8 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55565 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:56 0110021 IP 192.168.1.100.55567 > 172.16.100.1.63000 : proto TCP: S 2719993823:2719993823(0) win 8192 checksum : 15306
0x0000: 4500 0034 46d3 4000 7f06 e2d2 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d90f f618 a21f cfdf 0000 0000 ..d.............
0x0020: 8002 2000 3bca 0000 0204 05b4 0103 0308 ....;...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55567 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664698176 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:56 0110021 IP 192.168.1.100.55562 > 192.168.1.240.3128 : proto TCP: S 1352632981:1352632981(0) win 8192 checksum : 2548
0x0000: 4500 0034 18c9 4000 8006 5d56 c0a8 0164 E..4..@...]V...d
0x0010: c0a8 01f0 d90a 0c38 509f 8a95 0000 0000 .......8P.......
0x0020: 8002 2000 09f4 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55562 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:56 0110021 IP 192.168.1.100.55563 > 192.168.1.240.3128 : proto TCP: S 2490719878:2490719878(0) win 8192 checksum : 61995
0x0000: 4500 0034 1381 4000 8006 629e c0a8 0164 E..4..@...b....d
0x0010: c0a8 01f0 d90b 0c38 9475 5e86 0000 0000 .......8.u^.....
0x0020: 8002 2000 f22b 0000 0204 05b4 0103 0308 .....+..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55563 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:56 0110021 IP 192.168.1.100.55555 > 10.10.0.10.2172 : proto TCP: S 784113761:784113761(0) win 8192 checksum : 58977
0x0000: 4500 0030 2a20 4000 7f06 0588 c0a8 0164 E..0*.@........d
0x0010: 0a0a 000a d903 087c 2ebc a061 0000 0000 .......|...a....
0x0020: 7002 2000 e661 0000 0204 05b4 0101 0402 p....a..........
Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.10 l4_protocol=TCP source_port=55555 dest_port=2172 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664698176 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:56 0110021 IP 192.168.1.100.55570 > 192.168.1.240.3128 : proto TCP: S 2250717763:2250717763(0) win 8192 checksum : 9398
0x0000: 4500 0034 6625 4000 8006 0ffa c0a8 0164 E..4f%@........d
0x0010: c0a8 01f0 d912 0c38 8627 3a43 0000 0000 .......8.':C....
0x0020: 8002 2000 24b6 0000 0204 05b4 0103 0308 ....$...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55570 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:57 0110021 IP 192.168.1.100.55571 > 192.168.1.240.3128 : proto TCP: S 1265247014:1265247014(0) win 8192 checksum : 30351
0x0000: 4500 0034 6626 4000 8006 0ff9 c0a8 0164 E..4f&@........d
0x0010: c0a8 01f0 d913 0c38 4b6a 2326 0000 0000 .......8Kj#&....
0x0020: 8002 2000 768f 0000 0204 05b4 0103 0308 ....v...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55571 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:57 0110021 IP 192.168.1.100.55572 > 192.168.1.240.3128 : proto TCP: S 2964374867:2964374867(0) win 65535 checksum : 36634
0x0000: 4500 0034 2e9e 4000 8006 4781 c0a8 0164 E..4..@...G....d
0x0010: c0a8 01f0 d914 0c38 b0b0 c553 0000 0000 .......8...S....
0x0020: 8002 ffff 8f1a 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55572 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:57 0110021 IP 192.168.1.100.55564 > 192.168.1.240.3128 : proto TCP: S 3606053714:3606053714(0) win 65535 checksum : 16115
0x0000: 4500 0030 2e9f 4000 8006 4784 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d90c 0c38 d6f0 0352 0000 0000 .......8...R....
0x0020: 7002 ffff 3ef3 0000 0204 05b4 0101 0402 p...>...........
Date=2016-07-22 Time=08:31:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55564 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:58 0110021 IP 192.168.1.100.55565 > 192.168.1.240.3128 : proto TCP: S 3622975082:3622975082(0) win 65535 checksum : 2776
0x0000: 4500 0030 2ea0 4000 8006 4783 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d90d 0c38 d7f2 366a 0000 0000 .......8..6j....
0x0020: 7002 ffff 0ad8 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:31:58 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55565 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:58 0110021 IP 192.168.1.100.55566 > 10.10.0.11.445 : proto TCP: S 1803105247:1803105247(0) win 8192 checksum : 2251
0x0000: 4500 0034 5069 4000 7f06 df39 c0a8 0164 E..4Pi@....9...d
0x0010: 0a0a 000b d90e 01bd 6b79 33df 0000 0000 ........ky3.....
0x0020: 8002 2000 08cb 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:58 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55566 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664698816 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:58 0110021 IP 192.168.1.100.55572 > 192.168.1.240.3128 : proto TCP: S 2964374867:2964374867(0) win 65535 checksum : 36634
0x0000: 4500 0034 2ea1 4000 8006 477e c0a8 0164 E..4..@...G~...d
0x0010: c0a8 01f0 d914 0c38 b0b0 c553 0000 0000 .......8...S....
0x0020: 8002 ffff 8f1a 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:58 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55572 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:59 0110021 IP 192.168.1.100.55567 > 172.16.100.1.63000 : proto TCP: S 2719993823:2719993823(0) win 8192 checksum : 15306
0x0000: 4500 0034 46d4 4000 7f06 e2d1 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d90f f618 a21f cfdf 0000 0000 ..d.............
0x0020: 8002 2000 3bca 0000 0204 05b4 0103 0308 ....;...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:59 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55567 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4081054016 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:31:59 0110021 IP 192.168.1.100.55570 > 192.168.1.240.3128 : proto TCP: S 2250717763:2250717763(0) win 8192 checksum : 9398
0x0000: 4500 0034 6627 4000 8006 0ff8 c0a8 0164 E..4f'@........d
0x0010: c0a8 01f0 d912 0c38 8627 3a43 0000 0000 .......8.':C....
0x0020: 8002 2000 24b6 0000 0204 05b4 0103 0308 ....$...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:31:59 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55570 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081054976 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:00 0110021 IP 192.168.1.100.55571 > 192.168.1.240.3128 : proto TCP: S 1265247014:1265247014(0) win 8192 checksum : 30351
0x0000: 4500 0034 6628 4000 8006 0ff7 c0a8 0164 E..4f(@........d
0x0010: c0a8 01f0 d913 0c38 4b6a 2326 0000 0000 .......8Kj#&....
0x0020: 8002 2000 768f 0000 0204 05b4 0103 0308 ....v...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:00 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55571 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081054976 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:00 0110021 IP 192.168.1.100.55572 > 192.168.1.240.3128 : proto TCP: S 2964374867:2964374867(0) win 65535 checksum : 41769
0x0000: 4500 0030 2ea2 4000 8006 4781 c0a8 0164 E..0..@...G....d
0x0010: c0a8 01f0 d914 0c38 b0b0 c553 0000 0000 .......8...S....
0x0020: 7002 ffff a329 0000 0204 05b4 0101 0402 p....)..........
Date=2016-07-22 Time=08:32:00 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55572 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696452928 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:02 0110021 IP 192.168.1.100.55575 > 192.168.1.240.3128 : proto TCP: S 2500516977:2500516977(0) win 65535 checksum : 37791
0x0000: 4500 0034 2ea3 4000 8006 477c c0a8 0164 E..4..@...G|...d
0x0010: c0a8 01f0 d917 0c38 950a dc71 0000 0000 .......8...q....
0x0020: 8002 ffff 939f 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55575 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:02 0110021 IP 192.168.1.100.55562 > 192.168.1.240.3128 : proto TCP: S 1352632981:1352632981(0) win 8192 checksum : 7683
0x0000: 4500 0030 18d3 4000 8006 5d50 c0a8 0164 E..0..@...]P...d
0x0010: c0a8 01f0 d90a 0c38 509f 8a95 0000 0000 .......8P.......
0x0020: 7002 2000 1e03 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55562 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:02 0110021 IP 192.168.1.100.55563 > 192.168.1.240.3128 : proto TCP: S 2490719878:2490719878(0) win 8192 checksum : 1595
0x0000: 4500 0030 1382 4000 8006 62a1 c0a8 0164 E..0..@...b....d
0x0010: c0a8 01f0 d90b 0c38 9475 5e86 0000 0000 .......8.u^.....
0x0020: 7002 2000 063b 0000 0204 05b4 0101 0402 p....;..........
Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55563 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:02 0110021 IP 192.168.1.100.55576 > 192.168.1.240.3128 : proto TCP: S 4091948502:4091948502(0) win 65535 checksum : 58205
0x0000: 4500 0034 2ea4 4000 8006 477b c0a8 0164 E..4..@...G{...d
0x0010: c0a8 01f0 d918 0c38 f3e6 2dd6 0000 0000 .......8..-.....
0x0020: 8002 ffff e35d 0000 0204 05b4 0103 0308 .....]..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55576 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:03 0110021 IP 192.168.1.100.55575 > 192.168.1.240.3128 : proto TCP: S 2500516977:2500516977(0) win 65535 checksum : 37791
0x0000: 4500 0034 2ea5 4000 8006 477a c0a8 0164 E..4..@...Gz...d
0x0010: c0a8 01f0 d917 0c38 950a dc71 0000 0000 .......8...q....
0x0020: 8002 ffff 939f 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:03 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55575 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:03 0110021 IP 192.168.1.100.55576 > 192.168.1.240.3128 : proto TCP: S 4091948502:4091948502(0) win 65535 checksum : 58205
0x0000: 4500 0034 2ea6 4000 8006 4779 c0a8 0164 E..4..@...Gy...d
0x0010: c0a8 01f0 d918 0c38 f3e6 2dd6 0000 0000 .......8..-.....
0x0020: 8002 ffff e35d 0000 0204 05b4 0103 0308 .....]..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:03 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55576 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:04 0110021 IP 192.168.1.100.55566 > 10.10.0.11.445 : proto TCP: S 1803105247:1803105247(0) win 8192 checksum : 7386
0x0000: 4500 0030 5072 4000 7f06 df34 c0a8 0164 E..0Pr@....4...d
0x0010: 0a0a 000b d90e 01bd 6b79 33df 0000 0000 ........ky3.....
0x0020: 7002 2000 1cda 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:04 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55566 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=2570599232 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:05 0110021 IP 192.168.1.100.55575 > 192.168.1.240.3128 : proto TCP: S 2500516977:2500516977(0) win 65535 checksum : 42926
0x0000: 4500 0030 2ea7 4000 8006 477c c0a8 0164 E..0..@...G|...d
0x0010: c0a8 01f0 d917 0c38 950a dc71 0000 0000 .......8...q....
0x0020: 7002 ffff a7ae 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55575 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:05 0110021 IP 192.168.1.100.55567 > 172.16.100.1.63000 : proto TCP: S 2719993823:2719993823(0) win 8192 checksum : 20441
0x0000: 4500 0030 46d5 4000 7f06 e2d4 c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d90f f618 a21f cfdf 0000 0000 ..d.............
0x0020: 7002 2000 4fd9 0000 0204 05b4 0101 0402 p...O...........
Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55567 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2570599232 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:05 0110021 IP 192.168.1.100.55570 > 192.168.1.240.3128 : proto TCP: S 2250717763:2250717763(0) win 8192 checksum : 14533
0x0000: 4500 0030 6629 4000 8006 0ffa c0a8 0164 E..0f)@........d
0x0010: c0a8 01f0 d912 0c38 8627 3a43 0000 0000 .......8.':C....
0x0020: 7002 2000 38c5 0000 0204 05b4 0101 0402 p...8...........
Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55570 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:05 0110021 IP 192.168.1.100.55576 > 192.168.1.240.3128 : proto TCP: S 4091948502:4091948502(0) win 65535 checksum : 63340
0x0000: 4500 0030 2ea8 4000 8006 477b c0a8 0164 E..0..@...G{...d
0x0010: c0a8 01f0 d918 0c38 f3e6 2dd6 0000 0000 .......8..-.....
0x0020: 7002 ffff f76c 0000 0204 05b4 0101 0402 p....l..........
Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55576 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:06 0110021 IP 192.168.1.100.55571 > 192.168.1.240.3128 : proto TCP: S 1265247014:1265247014(0) win 8192 checksum : 35486
0x0000: 4500 0030 662a 4000 8006 0ff9 c0a8 0164 E..0f*@........d
0x0010: c0a8 01f0 d913 0c38 4b6a 2326 0000 0000 .......8Kj#&....
0x0020: 7002 2000 8a9e 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:06 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55571 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:07 0110021 IP 192.168.1.100.55579 > 192.168.1.240.3128 : proto TCP: S 3993585777:3993585777(0) win 65535 checksum : 52892
0x0000: 4500 0034 2ea9 4000 8006 4776 c0a8 0164 E..4..@...Gv...d
0x0010: c0a8 01f0 d91b 0c38 ee09 4871 0000 0000 .......8..Hq....
0x0020: 8002 ffff ce9c 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:07 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55579 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2845348480 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:08 0110021 IP 192.168.1.100.55579 > 192.168.1.240.3128 : proto TCP: S 3993585777:3993585777(0) win 65535 checksum : 52892
0x0000: 4500 0034 2eaa 4000 8006 4775 c0a8 0164 E..4..@...Gu...d
0x0010: c0a8 01f0 d91b 0c38 ee09 4871 0000 0000 .......8..Hq....
0x0020: 8002 ffff ce9c 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:08 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55579 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:10 0110021 IP 192.168.1.100.55579 > 192.168.1.240.3128 : proto TCP: S 3993585777:3993585777(0) win 65535 checksum : 58027
0x0000: 4500 0030 2eab 4000 8006 4778 c0a8 0164 E..0..@...Gx...d
0x0010: c0a8 01f0 d91b 0c38 ee09 4871 0000 0000 .......8..Hq....
0x0020: 7002 ffff e2ab 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:10 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55579 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963452864 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:12 0110021 IP 192.168.1.100.55583 > 172.16.100.1.63000 : proto TCP: S 1838079112:1838079112(0) win 8192 checksum : 25506
0x0000: 4500 0034 46d6 4000 7f06 e2cf c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d91f f618 6d8e dc88 0000 0000 ..d.....m.......
0x0020: 8002 2000 63a2 0000 0204 05b4 0103 0308 ....c...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:12 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55583 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2845348160 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:14 0110021 IP 192.168.1.100.55584 > 192.168.1.240.3128 : proto TCP: S 2269919041:2269919041(0) win 8192 checksum : 9861
0x0000: 4500 0034 572a 4000 8006 1ef5 c0a8 0164 E..4W*@........d
0x0010: c0a8 01f0 d920 0c38 874c 3741 0000 0000 .......8.L7A....
0x0020: 8002 2000 2685 0000 0204 05b4 0103 0308 ....&...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:14 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55584 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2240260288 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:15 0110021 IP 192.168.1.100.55583 > 172.16.100.1.63000 : proto TCP: S 1838079112:1838079112(0) win 8192 checksum : 25506
0x0000: 4500 0034 46d7 4000 7f06 e2ce c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d91f f618 6d8e dc88 0000 0000 ..d.....m.......
0x0020: 8002 2000 63a2 0000 0204 05b4 0103 0308 ....c...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:15 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55583 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2240261568 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:15 0110021 IP 192.168.1.100.55592 > 192.168.1.240.3128 : proto TCP: S 1912137160:1912137160(0) win 8192 checksum : 36169
0x0000: 4500 0034 662b 4000 8006 0ff4 c0a8 0164 E..4f+@........d
0x0010: c0a8 01f0 d928 0c38 71f8 e5c8 0000 0000 .....(.8q.......
0x0020: 8002 2000 8d49 0000 0204 05b4 0103 0308 .....I..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:15 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55592 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2240261568 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:16 0102021 IP 192.168.1.100.55367 > 52.88.10.131.80 : proto TCP: R 2546870546:2546870546(0) checksum : 5960
0x0000: 4500 0028 31c9 0000 8006 0820 c0a8 0164 E..(1..........d
0x0010: 3458 0a83 d847 0050 97ce 2912 7213 8c15 4X...G.P..).r...
0x0020: 5014 0000 1748 0000 0000 0000 0000 P....H........
Date=2016-07-22 Time=08:32:16 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=52.88.10.131 l4_protocol=TCP source_port=55367 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:17 0110021 IP 192.168.1.100.55595 > 172.16.100.1.63000 : proto TCP: S 3354579296:3354579296(0) win 8192 checksum : 5210
0x0000: 4500 0034 46d8 4000 7f06 e2cd c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d92b f618 c7f2 d160 0000 0000 ..d..+.....`....
0x0020: 8002 2000 145a 0000 0204 05b4 0103 0308 .....Z..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:17 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55595 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3961141760 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:17 0110021 IP 192.168.1.100.55596 > 192.168.1.240.3128 : proto TCP: S 3444052336:3444052336(0) win 8192 checksum : 1614
0x0000: 4500 0034 68f4 4000 8006 0d2b c0a8 0164 E..4h.@....+...d
0x0010: c0a8 01f0 d92c 0c38 cd48 1170 0000 0000 .....,.8.H.p....
0x0020: 8002 2000 064e 0000 0204 05b4 0103 0308 .....N..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:17 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55596 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3961141120 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:18 0110021 IP 192.168.1.100.55597 > 192.168.1.240.3128 : proto TCP: S 4080692256:4080692256(0) win 8192 checksum : 34218
0x0000: 4500 0034 68f5 4000 8006 0d2a c0a8 0164 E..4h.@....*...d
0x0010: c0a8 01f0 d92d 0c38 f33a 6c20 0000 0000 .....-.8.:l.....
0x0020: 8002 2000 85aa 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:18 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55597 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3961141120 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:18 0110021 IP 192.168.1.100.55592 > 192.168.1.240.3128 : proto TCP: S 1912137160:1912137160(0) win 8192 checksum : 36169
0x0000: 4500 0034 662e 4000 8006 0ff1 c0a8 0164 E..4f.@........d
0x0010: c0a8 01f0 d928 0c38 71f8 e5c8 0000 0000 .....(.8q.......
0x0020: 8002 2000 8d49 0000 0204 05b4 0103 0308 .....I..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:18 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55592 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2395481024 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:20 0110021 IP 192.168.1.100.55595 > 172.16.100.1.63000 : proto TCP: S 3354579296:3354579296(0) win 8192 checksum : 5210
0x0000: 4500 0034 46d9 4000 7f06 e2cc c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d92b f618 c7f2 d160 0000 0000 ..d..+.....`....
0x0020: 8002 2000 145a 0000 0204 05b4 0103 0308 .....Z..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:20 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55595 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3663553472 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:20 0110021 IP 192.168.1.100.55596 > 192.168.1.240.3128 : proto TCP: S 3444052336:3444052336(0) win 8192 checksum : 1614
0x0000: 4500 0034 68f7 4000 8006 0d28 c0a8 0164 E..4h.@....(...d
0x0010: c0a8 01f0 d92c 0c38 cd48 1170 0000 0000 .....,.8.H.p....
0x0020: 8002 2000 064e 0000 0204 05b4 0103 0308 .....N..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:20 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55596 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2567264768 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:21 0110021 IP 192.168.1.100.55597 > 192.168.1.240.3128 : proto TCP: S 4080692256:4080692256(0) win 8192 checksum : 34218
0x0000: 4500 0034 68f8 4000 8006 0d27 c0a8 0164 E..4h.@....'...d
0x0010: c0a8 01f0 d92d 0c38 f33a 6c20 0000 0000 .....-.8.:l.....
0x0020: 8002 2000 85aa 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:21 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55597 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2567264768 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:21 0102021 IP 192.168.1.100.55378 > 52.72.102.104.80 : proto TCP: R 3519972575:3519972575(0) checksum : 50901
0x0000: 4500 0028 1769 0000 8006 c6aa c0a8 0164 E..(.i.........d
0x0010: 3448 6668 d852 0050 d1ce 84df 0737 55b6 4Hfh.R.P.....7U.
0x0020: 5014 0000 c6d5 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:32:21 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=52.72.102.104 l4_protocol=TCP source_port=55378 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:21 0110021 IP 192.168.1.100.55583 > 172.16.100.1.63000 : proto TCP: S 1838079112:1838079112(0) win 8192 checksum : 30641
0x0000: 4500 0030 46da 4000 7f06 e2cf c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d91f f618 6d8e dc88 0000 0000 ..d.....m.......
0x0020: 7002 2000 77b1 0000 0204 05b4 0101 0402 p...w...........
Date=2016-07-22 Time=08:32:21 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55583 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2974437696 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:22 0102021 IP 192.168.1.100.55382 > 52.72.102.104.80 : proto TCP: R 1413927265:1413927265(0) checksum : 11777
0x0000: 4500 0028 176a 0000 8006 c6a9 c0a8 0164 E..(.j.........d
0x0010: 3448 6668 d856 0050 5446 d161 6105 c5be 4Hfh.V.PTF.aa...
0x0020: 5014 0000 2e01 0000 0000 0000 0000 P.............
Date=2016-07-22 Time=08:32:22 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=52.72.102.104 l4_protocol=TCP source_port=55382 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:24 0110021 IP 192.168.1.100.55592 > 192.168.1.240.3128 : proto TCP: S 1912137160:1912137160(0) win 8192 checksum : 41304
0x0000: 4500 0030 6631 4000 8006 0ff2 c0a8 0164 E..0f1@........d
0x0010: c0a8 01f0 d928 0c38 71f8 e5c8 0000 0000 .....(.8q.......
0x0020: 7002 2000 a158 0000 0204 05b4 0101 0402 p....X..........
Date=2016-07-22 Time=08:32:24 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55592 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062528 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:26 0110021 IP 192.168.1.100.55595 > 172.16.100.1.63000 : proto TCP: S 3354579296:3354579296(0) win 8192 checksum : 10345
0x0000: 4500 0030 46db 4000 7f06 e2ce c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d92b f618 c7f2 d160 0000 0000 ..d..+.....`....
0x0020: 7002 2000 2869 0000 0204 05b4 0101 0402 p...(i..........
Date=2016-07-22 Time=08:32:26 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55595 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3959902528 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:26 0110021 IP 192.168.1.100.55596 > 192.168.1.240.3128 : proto TCP: S 3444052336:3444052336(0) win 8192 checksum : 6749
0x0000: 4500 0030 68fc 4000 8006 0d27 c0a8 0164 E..0h.@....'...d
0x0010: c0a8 01f0 d92c 0c38 cd48 1170 0000 0000 .....,.8.H.p....
0x0020: 7002 2000 1a5d 0000 0204 05b4 0101 0402 p....]..........
Date=2016-07-22 Time=08:32:26 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55596 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3959904128 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:27 0110021 IP 192.168.1.100.55597 > 192.168.1.240.3128 : proto TCP: S 4080692256:4080692256(0) win 8192 checksum : 39353
0x0000: 4500 0030 68fd 4000 8006 0d26 c0a8 0164 E..0h.@....&...d
0x0010: c0a8 01f0 d92d 0c38 f33a 6c20 0000 0000 .....-.8.:l.....
0x0020: 7002 2000 99b9 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:27 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55597 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3959904128 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:33 0110021 IP 192.168.1.100.55604 > 172.16.100.1.63000 : proto TCP: S 2981503844:2981503844(0) win 8192 checksum : 55433
0x0000: 4500 0034 46dc 4000 7f06 e2c9 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d934 f618 b1b6 2364 0000 0000 ..d..4....#d....
0x0020: 8002 2000 d889 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55604 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3663556032 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:36 0110021 IP 192.168.1.100.55604 > 172.16.100.1.63000 : proto TCP: S 2981503844:2981503844(0) win 8192 checksum : 55433
0x0000: 4500 0034 46dd 4000 7f06 e2c8 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d934 f618 b1b6 2364 0000 0000 ..d..4....#d....
0x0020: 8002 2000 d889 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55604 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2570343360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:36 0110021 IP 192.168.1.100.55605 > 192.168.1.240.3128 : proto TCP: S 376496505:376496505(0) win 8192 checksum : 60691
0x0000: 4500 0034 68fe 4000 8006 0d21 c0a8 0164 E..4h.@....!...d
0x0010: c0a8 01f0 d935 0c38 1670 e179 0000 0000 .....5.8.p.y....
0x0020: 8002 2000 ed13 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55605 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570343360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:38 0110021 IP 192.168.1.100.55608 > 172.16.100.1.63000 : proto TCP: S 216627943:216627943(0) win 8192 checksum : 9680
0x0000: 4500 0034 46de 4000 7f06 e2c7 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d938 f618 0ce9 7ae7 0000 0000 ..d..8....z.....
0x0020: 8002 2000 25d0 0000 0204 05b4 0103 0308 ....%...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55608 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2240258048 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:39 0110021 IP 192.168.1.100.55605 > 192.168.1.240.3128 : proto TCP: S 376496505:376496505(0) win 8192 checksum : 60691
0x0000: 4500 0034 68ff 4000 8006 0d20 c0a8 0164 E..4h.@........d
0x0010: c0a8 01f0 d935 0c38 1670 e179 0000 0000 .....5.8.p.y....
0x0020: 8002 2000 ed13 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:39 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55605 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696359936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:41 0110021 IP 192.168.1.100.55608 > 172.16.100.1.63000 : proto TCP: S 216627943:216627943(0) win 8192 checksum : 9680
0x0000: 4500 0034 46df 4000 7f06 e2c6 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d938 f618 0ce9 7ae7 0000 0000 ..d..8....z.....
0x0020: 8002 2000 25d0 0000 0204 05b4 0103 0308 ....%...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55608 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2693609664 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:42 0110021 IP 192.168.1.100.55604 > 172.16.100.1.63000 : proto TCP: S 2981503844:2981503844(0) win 8192 checksum : 60568
0x0000: 4500 0030 46e0 4000 7f06 e2c9 c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d934 f618 b1b6 2364 0000 0000 ..d..4....#d....
0x0020: 7002 2000 ec98 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55604 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4079321728 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:42 0110021 IP 192.168.1.100.55611 > 192.168.1.240.3128 : proto TCP: S 288967125:288967125(0) win 8192 checksum : 35305
0x0000: 4500 0034 6638 4000 8006 0fe7 c0a8 0164 E..4f8@........d
0x0010: c0a8 01f0 d93b 0c38 1139 49d5 0000 0000 .....;.8.9I.....
0x0020: 8002 2000 89e9 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55611 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4079321728 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:44 0110021 IP 192.168.1.100.55612 > 192.168.1.240.3128 : proto TCP: S 1176912647:1176912647(0) win 8192 checksum : 23497
0x0000: 4500 0034 59ce 4000 8006 1c51 c0a8 0164 E..4Y.@....Q...d
0x0010: c0a8 01f0 d93c 0c38 4626 4307 0000 0000 .....<.8F&C.....
0x0020: 8002 2000 5bc9 0000 0204 05b4 0103 0308 ....[...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55612 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2568758848 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:45 0110021 IP 192.168.1.100.55611 > 192.168.1.240.3128 : proto TCP: S 288967125:288967125(0) win 8192 checksum : 35305
0x0000: 4500 0034 6639 4000 8006 0fe6 c0a8 0164 E..4f9@........d
0x0010: c0a8 01f0 d93b 0c38 1139 49d5 0000 0000 .....;.8.9I.....
0x0020: 8002 2000 89e9 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:45 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55611 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3663456448 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:45 0110021 IP 192.168.1.100.55605 > 192.168.1.240.3128 : proto TCP: S 376496505:376496505(0) win 8192 checksum : 291
0x0000: 4500 0030 6902 4000 8006 0d21 c0a8 0164 E..0i.@....!...d
0x0010: c0a8 01f0 d935 0c38 1670 e179 0000 0000 .....5.8.p.y....
0x0020: 7002 2000 0123 0000 0204 05b4 0101 0402 p....#..........
Date=2016-07-22 Time=08:32:45 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55605 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3663456448 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:47 0110021 IP 192.168.1.100.55612 > 192.168.1.240.3128 : proto TCP: S 1176912647:1176912647(0) win 8192 checksum : 23497
0x0000: 4500 0034 59cf 4000 8006 1c50 c0a8 0164 E..4Y.@....P...d
0x0010: c0a8 01f0 d93c 0c38 4626 4307 0000 0000 .....<.8F&C.....
0x0020: 8002 2000 5bc9 0000 0204 05b4 0103 0308 ....[...........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55612 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3960901056 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:47 0110021 IP 192.168.1.100.55608 > 172.16.100.1.63000 : proto TCP: S 216627943:216627943(0) win 8192 checksum : 14815
0x0000: 4500 0030 46e1 4000 7f06 e2c8 c0a8 0164 E..0F.@........d
0x0010: ac10 6401 d938 f618 0ce9 7ae7 0000 0000 ..d..8....z.....
0x0020: 7002 2000 39df 0000 0204 05b4 0101 0402 p...9...........
Date=2016-07-22 Time=08:32:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55608 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3960901056 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:51 0110021 IP 192.168.1.100.55611 > 192.168.1.240.3128 : proto TCP: S 288967125:288967125(0) win 8192 checksum : 40440
0x0000: 4500 0030 663b 4000 8006 0fe8 c0a8 0164 E..0f;@........d
0x0010: c0a8 01f0 d93b 0c38 1139 49d5 0000 0000 .....;.8.9I.....
0x0020: 7002 2000 9df8 0000 0204 05b4 0101 0402 p...............
Date=2016-07-22 Time=08:32:51 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55611 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2158529024 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:53 0110021 IP 192.168.1.100.55612 > 192.168.1.240.3128 : proto TCP: S 1176912647:1176912647(0) win 8192 checksum : 28632
0x0000: 4500 0030 59d0 4000 8006 1c53 c0a8 0164 E..0Y.@....S...d
0x0010: c0a8 01f0 d93c 0c38 4626 4307 0000 0000 .....<.8F&C.....
0x0020: 7002 2000 6fd8 0000 0204 05b4 0101 0402 p...o...........
Date=2016-07-22 Time=08:32:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55612 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2485415360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:54 0110021 IP 192.168.1.100.55617 > 172.16.100.1.63000 : proto TCP: S 1236350617:1236350617(0) win 8192 checksum : 11597
0x0000: 4500 0034 46e2 4000 7f06 e2c3 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d941 f618 49b1 3699 0000 0000 ..d..A..I.6.....
0x0020: 8002 2000 2d4d 0000 0204 05b4 0103 0308 ....-M..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:54 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55617 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2247897408 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

2016-07-22 08:32:57 0110021 IP 192.168.1.100.55617 > 172.16.100.1.63000 : proto TCP: S 1236350617:1236350617(0) win 8192 checksum : 11597
0x0000: 4500 0034 46e3 4000 7f06 e2c2 c0a8 0164 E..4F.@........d
0x0010: ac10 6401 d941 f618 49b1 3699 0000 0000 ..d..A..I.6.....
0x0020: 8002 2000 2d4d 0000 0204 05b4 0103 0308 ....-M..........
0x0030: 0101 0402 ....
Date=2016-07-22 Time=08:32:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55617 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2977322880 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

CR100iNG_CA01_SFOS 15.01.0 MR-3# tail -f /log/access_server.log | grep nealb
DEBUG Jul 22 08:36:00 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jul 22 08:36:00 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'username', value:'nealb@kb.local'
DEBUG Jul 22 08:36:00 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:'name', value:'nealb@kb.local'
DEBUG Jul 22 08:36:00 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1469192421, Groupid:5, MAC:'', NAME:'nealb@kb.local'
DEBUG Jul 22 08:36:00 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:'{ "userids":["nealb@kb.local"],"uploaddata":["254186985680"],"downloaddata":["27217391412"],"cycleupload":["254186985680"],"cycledownload":["27217391412"],"usedminutes":[429291],"cycleusedminutes":[429291],"lastusedtime":["2016-07-22 08:35:59"] }'
DEBUG Jul 22 08:36:00 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { "userid":"nealb@kb.local","liveuserid":"1786","bwpolicyid":"","ipaddress":"10.10.0.11","setname":"lusers", }
DEBUG Jul 22 08:36:02 [1997469440]: (lc_utf8_bytes): lowercase = 'nealb'
DEBUG Jul 22 08:36:02 [1987046208]: insert_escape_sequence: string to process nealb
DEBUG Jul 22 08:36:02 [1987046208]: insert_escape_sequence: after inserting escape seq nealb
INFO Jul 22 08:36:02 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb'
INFO Jul 22 08:36:02 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: 'nealb@kentonbrothers.com'
DEBUG Jul 22 08:36:02 [1987046208]: adsauth_authenticate_user: '10.10.0.10:389':(filter: '(sAMAccountName=nealb)') USER found DN:'CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local'
DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = 'nealb@kb.local' and usertype in (1, 2, 5, 8 )
DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_get_userinfo: column:'username', value:'nealb@kb.local'
DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_get_userinfo: column:'name', value:'nealb@kb.local'
DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_get_userinfo: column:'emailid', value:'nealb@kentonbrothers.com'
DEBUG Jul 22 08:36:03 [1994390336]: get_email_attr: email Attr: 'nealb@kentonbrothers.com'
DEBUG Jul 22 08:36:03 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = 'nealb@kb.local' and isactive > 0
DEBUG Jul 22 08:36:03 [1997469440]: do_authorization_phase2: User:'nealb@kb.local', Logincount:2
DEBUG Jul 22 08:36:03 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (1792, 8, 'nealb@kb.local', 'nealb@kb.local', 'nealb', '10.10.0.11', 5, 3031812, 3031812, 1, 1, 1, 0, 1, 1, 0, '2015-02-21', '', 9, 2, '', '', 0)
INFO Jul 22 08:36:03 [1997469440]: handle_liveuser_insert: LIVE USER 'nealb@kb.local' INSERTED
DEBUG Jul 22 08:36:03 [1984940864]: opcode_handle_login: OPCODE: JSON:'{ "groupid": ["5","6"],"userid":"nealb@kb.local","liveuserid":"1792","ipaddress":"10.10.0.11","bwpolicyid":"","webfilterid":"Allow All","appfilterid":"Allow All","starttime":"3031812","clienttype":"9","setname":"lusers","addr_family":"2","ismicroapp":"0","authservername":"","macaddress":"","logintime":"2016-07-22 08:36:03" }'
Cancel
Vote Up 0 Vote Down

Cancel
0 DMR188 over 8 years ago in reply to NealBellamy

I don't really have any good input to add to this other than I feel i'm having the same issue with a customer. I haven't dug into the logs like this, but I can say that once we enabled STAS all the users had a heck of a time getting to the internet and when they did some times it would just show text of the page rather than the full page. SSL pages really caused fits. Disabling STAS seemed to fix the issues. I just wanted to reply to this to get updates as things progress on this ticket.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 Aditya Patel over 8 years ago in reply to DMR188

HI All ,

As per the logs mentioned , some user may use XG as a proxy as port 3128 is in the picture here. Furthermore, the Drop packets are basically [F] and [R] that would mean the session with the XG is terminated as the client closed the session.

Are Still facing the same issue , while using STAS ? If so Could you message me the Service Request ID for the same .

Thanks and Regards
Aditya Patel | Network and Security Engineer.
Cancel
Vote Up 0 Vote Down

Cancel