 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
This chapter describes messages with the RT prefix. They are generated on routers running the JUNOS software with enhanced services by the Packet Forwarding Engine as it processes packets for security control in real time.
session closed reason: source-address/source-port->destination-address/destination-port,protocol-id: policy-name, inbound-packets(inbound-bytes) outbound-packets(outbound-bytes) elapsed-time
A security session was closed.
Event: This message reports an event, not an error
info
session created source-address/source-port->destination-address/destination-port,protocol-id: policy-name
A security session was created.
Event: This message reports an event, not an error
info
session denied source-address/source-port->destination-address/destination-port,protocol-id(icmp-type): policy-name
A security session was not permitted by policy.
Event: This message reports an event, not an error
info
Failed to process the packet, active call limit exceeded maximum-value
The maximum H.323 call limit has been exceeded.
Error: An error occurred
error
object-name cannot find cookie from session
Failed to find the H.323 NAT cookie.
Error: An error occurred
error
RAS Request flood to gatekeeper destination-address detected, request threshold threshold
H.323 Registration Authentication Status request messages have exceeded the configured threshold.
Error: An error occurred
error
IPSec tunnel on int interface-name with tunnel ID 0xtunnel-id received a packet with a bad SPI. source-address->destination-address/length, type, SPI 0xindex, SEQ 0xsequence-number.
Received IPSec packet with bad SPI
Error: An error occurred
error
Replay packet detected on IPSec tunnel on interface-name with tunnel ID 0xtunnel-id! From source-address to destination-address/length, type, SPI 0xindex, SEQ 0xsequence-number.
Received IPSec replay packet
Error: An error occurred
error
Exceed maximum call max active call numbermaximum-value
The maximum MGCP active call limit has been exceeded.
Error: An error occurred
error
Failed to decode MGCP packet
Failed to decode MGCP message.
Error: An error occurred
error
Failed to allocate memory for object-name
Failed to allocate memory for the MGCP objects.
Error: An error occurred
error
Failed to add MGCP object-name to flow module
Failed to register the MGCP ALG vector with the flow module.
Error: An error occurred
error
Failed to register MGCP ALG with Resource Manager
Failed to register the MGCP Resource Manager client.
Error: An error occurred
error
Failed to remove MGCP object-name from flow module
Failed to remove the MGCP ALG vector from the flow module.
Error: An error occurred
error
MGCP ALG Resource Manager client registration failed
Failed to obtain the MGCP Resource Manager client identifier.
Error: An error occurred
error
MGCP ALG client has been unregistered by Resource Manager
The Resource Manager has unregistered the MGCP Resource Manager client.
Error: An error occurred
error
Failed to create SCCP ALG call, call limit maximum-value exceeded
The maximum SCCP call limit has been exceeded.
Error: An error occurred
error
The SCCP active call rate limit maximum-value has been exceeded
The SCCP active call rate limit has been exceeded.
Error: An error occurred
error
Failed to decode SCCP packet from source-address->destination-address
Failed to decode SCCP packet.
Error: An error occurred
error
Failed to find SCCP ALG cookie from session
Failed to find SCCP NAT cookie.
Error: An error occurred
error
Failed to remove SCCP ALG vector from flow module
Failed to remove the SCCP ALG vector from the flow module.
Error: An error occurred
error
Failed to unregister SCCP client from Resource Manager when the ALG was unregistered
Failed to unregister SCCP client from Resource Manager when the ALG was unregistered.
Error: An error occurred
error
attack-name source: source-address, destination: destination-address, zone name: source-zone-name, interface name: interface-name
ICMP attack category
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
ICMP flood attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
fragmented ICMP packet attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
ICMP zero ID attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
large ICMP packet attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
ping of death attack
Event: This message reports an event, not an error
error
attack-name source: source-address, destination: destination-address, protocol-id: protocol-id, zone name: source-zone-name, interface name: interface-name
IP attack category
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP bad option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP fragment attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP land attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP source route option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP loose source route option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP record route option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP security option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP strict source route option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP stream option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP timestamp option attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP spoofing attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
IP sweeping attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, protocol-id: protocol-idzone name: filter-name, interface name: interface-name
IP unknown protocol attack
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, protocol-id: protocol-idzone name: filter-name, interface name: interface-name
malicious URL attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
session from the same destination address exceeds the threshold
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
session from the same source address exceeds the threshold
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
port scan attack
Event: This message reports an event, not an error
error
attack-name message: ip-address, zone name: source-zone-name, interface name: interface-name
Session limit category
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, zone name: filter-name, interface name: interface-name
SYN-ACK-ACK attack
Event: This message reports an event, not an error
error
attack-name source: source-address:source-port, destination: destination-address:destination-port, zone name: source-zone-name, interface name: interface-name
TCP attack category
Event: This message reports an event, not an error
error
attack-name destination: destination-address, zone name: source-zone-name, interface name: interface-name
TCP destination IP attack category
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, zone name: filter-name, interface name: interface-name
TCP FIN without ACK flag attack
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, zone name: filter-name, interface name: interface-name
TCP fragment attack
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, zone name: filter-name, interface name: interface-name
TCP no flag attack
Event: This message reports an event, not an error
error
attack-name source: source-address, zone name: source-zone-name, interface name: interface-name
TCP source IP attack category
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, zone name: filter-name, interface name: interface-name
TCP SYN-FIN flag attack
Event: This message reports an event, not an error
error
source: source-address-source-port, destination: destination-address-destination-port, zone name: filter-name, interface name: interface-name
TCP SYN flood attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
tear drop attack
Event: This message reports an event, not an error
error
attack-name source: source-address:source-port, destination: destination-address:destination-port, zone name: source-zone-name, interface name: interface-name
UDP attack category
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
UDP flood attack
Event: This message reports an event, not an error
error
source: source-address, destination: destination-address, zone name: filter-name, interface name: interface-name
winnuke attack
Event: This message reports an event, not an error
error
Exceed maximum call
The maximum SIP call limit has been exceeded.
Error: An error occurred
error
Failed to decode SIP packet error-message
Failed to decode incoming SIP packet.
Error: An error occurred
error
The SIP stack failed to create an endpoint with the configuration
Failed to initialize SIP endpoint.
Error: An error occurred
error
The SIP stack failed endpoint failed to create a dummy listener
Failed to initialize SIP transport listener.
Error: An error occurred
error
Failed to allocate memory for object-name
Failed to allocate memory from the memory pool.
Error: An error occurred
error
Failed to add SIP ALG vector to flow module
Failed to register SIP ALG vector with the flow module.
Error: An error occurred
error
Failed to register SIP ALG with the Resource Manager
Failed to register the SIP ALG Resource Manager client.
Error: An error occurred
error
Failed to remove SIP ALG vector from flow module
Failed to remove the SIP ALG vector from the flow module.
Error: An error occurred
error
SIP client has been unregistered by RM
The Resource Manager has notified SIP that a client has been unregistered.
Error: An error occurred
error
Utilization of source nat pool 'nat-pool-name' hits clear threshold 'threshold%%'
Utilization of source NAT pool reaches the alarm clear threshold.
Error: An error occurred
error
Utilization of source nat pool 'nat-pool-name' hits raise threshold 'threshold%%'
Utilization of source NAT pool reaches the alarm raise threshold.
Error: An error occurred
error
Utilization of source nat pool 'nat-pool-name' hits clear threshold 'threshold%%'
Utilization of source NAT pool reaches the alarm clear threshold.
Error: An error occurred
error
Utilization of source nat pool 'nat-pool-name' hits raise threshold 'threshold%%'
Utilization of source NAT pool reaches the alarm raise threshold.
Error: An error occurred
error
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |