Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 2715 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

default drop on a public address

davide_pala
Hi guy.
this is an optimal troubleshooting exercise ... on an UTM i've set up a dnat for the https service and it work fine. 
Now, when i open the live log found many internet connection dropped for the service on port 443 ... i've no idea becase i found those entry ...


This thread was automatically locked due to age.
Parents
  • 0
    This are RST packets received after the UTM believed the connection was closed.  Unless you're having a problem, just ignore these.  If you want to continue this thread, please edit your post and replace the picture of the Firewall Live Log with a line from the full Firewall log file, not the Live Log.

    Cheers - Bob
Reply
  • 0
    This are RST packets received after the UTM believed the connection was closed.  Unless you're having a problem, just ignore these.  If you want to continue this thread, please edit your post and replace the picture of the Firewall Live Log with a line from the full Firewall log file, not the Live Log.

    Cheers - Bob
Children
  • 0 in reply to BAlfson
    This are RST packets received after the UTM believed the connection was closed.  Unless you're having a problem, just ignore these.  If you want to continue this thread, please edit your post and replace the picture of the Firewall Live Log with a line from the full Firewall log file, not the Live Log.

    Cheers - Bob


    Tnx BAlfson ... this is my firewall log. Now the question is why an RST packet is dropped? RST is a FLAG in a valid TCP packet ....

    2014:10:30-00:00:05 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth5" outitf="eth1" srcmac="4:f9:38:b4:14:6b" dstmac="0:1a:8c:f0:94:65" srcip="10.10.253.45" dstip="37.119.51.35" proto="6" length="40" tos="0x00" prec="0x00" ttl="126" srcport="143" dstport="52585" tcpflags="RST" 
    2014:10:30-00:00:05 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="37.119.51.35" dstip="2.***.55.219" proto="6" length="52" tos="0x00" prec="0x00" ttl="49" srcport="53012" dstport="143" tcpflags="ACK FIN" 
    2014:10:30-00:00:08 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="95.235.78.166" dstip="2.***.xx.219" proto="6" length="40" tos="0x00" prec="0x00" ttl="55" srcport="52088" dstport="143" tcpflags="RST" 
    2014:10:30-00:00:08 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="95.235.78.166" dstip="2.***.xx.219" proto="6" length="40" tos="0x00" prec="0x00" ttl="55" srcport="52093" dstport="143" tcpflags="RST" 
    2014:10:30-00:00:08 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="95.235.78.166" dstip="2.***.xx.219" proto="6" length="40" tos="0x00" prec="0x00" ttl="55" srcport="52091" dstport="143" tcpflags="RST" 
    2014:10:30-00:00:08 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="37.119.207.72" dstip="2.***.xx.219" proto="6" length="40" tos="0x00" prec="0x00" ttl="52" srcport="1443" dstport="443" tcpflags="RST" 
    2014:10:30-00:00:12 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="151.24.248.16" dstip="2.***.xx.212" proto="6" length="40" tos="0x00" prec="0x00" ttl="119" srcport="51212" dstport="443" tcpflags="ACK RST" 
    2014:10:30-00:00:14 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth5" outitf="eth1" srcmac="4:f9:38:b4:14:6b" dstmac="0:1a:8c:f0:94:65" srcip="10.10.253.44" dstip="62.48.53.90" proto="17" length="76" tos="0x00" prec="0x00" ttl="62" srcport="123" dstport="123" 
    2014:10:30-00:00:14 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="87.3.221.208" dstip="2.***.xx.219" proto="6" length="40" tos="0x00" prec="0x00" ttl="55" srcport="35999" dstport="443" tcpflags="RST" 
    2014:10:30-00:00:15 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="151.24.248.16" dstip="2.228.55.212" proto="6" length="40" tos="0x00" prec="0x00" ttl="119" srcport="51276" dstport="443" tcpflags="ACK RST" 
    2014:10:30-00:00:20 SG310-1 ulogd[13264]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="2c:36:f8:2c[:D]:c9" dstmac="0:1a:8c:f0:94:61" srcip="218.77.79.43" dstip="2.***.xx.214" proto="6" length="40" tos="0x00" prec="0x00" ttl="239" srcport="37424" dstport="443" tcpflags="SYN"