Wednesday, December 24, 2008

Alerts—Syslog Severity Level 1 Messages

Level and Message NumberMessage Text
%PIX-1-101001(Primary) Failover cable OK.
%PIX-1-101002(Primary) Bad failover cable.
%PIX-1-101003(Primary) Failover cable not connected (this unit).
%PIX-1-101004(Primary) Failover cable not connected (other unit).
%PIX-1-101005(Primary) Error reading failover cable status.
%PIX-1-102001(Primary) Power failure/system reload other side.
%PIX-1-103001(Primary) No response from other firewall (reason code =code).
%PIX-1-103002(Primary) Other firewall network interface interface_numberOK.
%PIX-1-103003(Primary) Other firewall network interface interface_numberfailed.
%PIX-1-103004(Primary) Other firewall reports this firewall failed.
%PIX-1-103005(Primary) Other firewall reporting failure.
%PIX-1-103011Unknown message text. (7.0)
%PIX-1-104001(Primary) Switching to ACTIVE (cause: string).
%PIX-1-104002(Primary) Switching to STNDBY (cause: string).
%PIX-1-104003(Primary) Switching to FAILED.
%PIX-1-104004(Primary) Switching to OK.
%PIX-1-105001(Primary) Disabling failover.
%PIX-1-105002(Primary) Enabling failover.
%PIX-1-105003(Primary) Monitoring on interface interface_name waiting.
%PIX-1-105004(Primary) Monitoring on interface interface_name normal.
%PIX-1-105005(Primary) Lost failover communications with mate on interfaceinterface_name.
%PIX-1-105006(Primary) Link status 'Up' on interface interface_name.
%PIX-1-105007(Primary) Link status 'Down' on interface interface_name.
%PIX-1-105008(Primary) Testing interface interface_name.
%PIX-1-105009(Primary) Testing on interface interface_name {Passed | Failed}.
%PIX-1-105011(Primary) Failover cable communication failure.
%PIX-1-105020(Primary) Incomplete/slow config replication.
%PIX-1-105031Failover LAN interface is up.
%PIX-1-105032LAN failover interface is down.
%PIX-1-105033Unknown message text. (7.0)
%PIX-1-105034Receive a LAN_FAILOVER_UP message from peer.
%PIX-1-105035Receive a LAN failover interface down message from a peer.
%PIX-1-105036PIX dropped a LAN failover command message.
%PIX-1-105037The primary and standby units are switching back and forth as the active unit.
%PIX-1-105038(Primary) Interface count mismatch. (7.0)
%PIX-1-105039(Primary) Unable to verify the interface count with mate. Failover may be disabled in mate. (7.0)
%PIX-1-105040(Primary) Mate failover version is not compatible. (7.0)
%PIX-1-105041Unknown message text. (7.0)
%PIX-1-105042(Primary) Failover interface OK. (7.0)
%PIX-1-105043(Primary) Failover interface failed. (7.0)
%PIX-1-105044(Primary) Mate operational mode mode is not compatible with my mode mode. (7.0)
%PIX-1-105045Primary) Mate license (number contexts) is not compatible with my license (number contexts). (7.0)
%PIX-1-105046(Primary | Secondary) Mate has a different chassis. (7.0)
%PIX-1-105047Mate has an io_card_name1 card in slot slot_number that is different from my io_card_name2. (7.0)
%PIX-1-106004Unknown message text. (7.0)
%PIX-1-106005Unknown message text. (7.0)
%PIX-1-106008Unknown message text. (7.0)
%PIX-1-106021Deny protocol reverse path check from source_address todest_address on interface interface_name.
%PIX-1-106022Deny protocol connection spoof from source_address todest_address on interface interface_name.
%PIX-1-106101The number of ACL log deny-flows has reached limit (number).
%PIX-1-107001RIP auth failed from IP_address.
%PIX-1-107002RIP pkt failed from IP_address.
%PIX-1-108001Unknown message text. (7.0)
%PIX-1-109004Unknown message text. (7.0)
%PIX-1-111002Begin configuration: IP_address writing to device. (7.0)
%PIX-1-111111error_message. (7.0: System or infrastructure error has occurred)
%PIX-1-415001:internal_sig_id HTTP Tunnel detected—action tunnel_typefrom src_ip to dest_ip. (7.0)
%PIX-1-415002:internal_sig_id HTTP Instant Messenger detected—action instant_messenger_type from src_ip to dest_ip. (7.0)
%PIX-1-415003:internal_sig_id HTTP Peer-to-Peer detected—action instant_messenger_type from src_ip to dest_ip. (7.0)
%PIX-1-415004:internal_sig_id Content type not found—action Content Verification Failed from src_ip to dest_ip. (7.0)
%PIX-1-415006:internal_sig_id Content size size out of range—action mime_type from src_ip to dest_ip. (7.0)
%PIX-1-415007:internal_sig_id HTTP Extension method illegal—action'method_name' from src_ip to dest_ip. (7.0)
%PIX-1-415008:internal_sig_id HTTP RFC method illegal—action'method_name' from src_ip to dest_ip. (7.0)
%PIX-1-415009:internal_sig_id HTTP Header length exceeded. Receivedlength byte Header—action header length exceeded fromsrc_ip to dest_ip. (7.0)
%PIX-1-415010:internal_sig_id HTTP protocol violation detected—action HTTP Protocol not detected from src_ip to dest_ip. (7.0)
%PIX-1-415011:internal_sig_id HTTP URL Length exceeded. Received sizebyte URL—action URI length exceeded from src_ip to dest_ip. (7.0)
%PIX-1-415012:internal_sig_id HTTP Deobfuscation signature detected—action HTTP deobfuscation detected IDS evasion technique from src_ip to src_ip. (7.0)
%PIX-1-415013:internal_sig_id HTTP Transfer encoding violation detected—action Xfer_encode Transfer encoding not allowed fromsrc_ip to dest_ip. (7.0)
%PIX-1-415014:internal_sig_id Maximum of 10 unanswered HTTP requests exceeded from src_ip to dest_ip. (7.0)
%PIX-1-709003(Primary) Beginning configuration replication—Receiving from mate.
%PIX-1-709004(Primary) End Configuration Replication (ACT).
%PIX-1-709005(Primary) Beginning configuration replication—Receiving from mate.
%PIX-1-709006(Primary) End Configuration Replication (STB).
%PIX-1-713900Descriptive_event_string. (7.0: A message with several possible text strings describing a serious event or failure)
%PIX-1-715039Unexpected cleanup of tunnel table entry during SA delete. (7.0)

Troubleshooting firewall errors

Troubleshooting FW-1 by Phoneboy

Monday, December 15, 2008

Windows whereis

Save this script into whereis.bat, copy it into executable folder such as c:\windows

@echo off

setlocal
set FOUNDFLAG=0

:# Add the current directory to the path for duration of this program only.
set PATH=%PATH%;.

if exist "%~$PATH:1" ( echo Found at %~$PATH:1  && set FOUNDFLAG=1)

:# We want to look for each of the possible extensions that could be executed.
:# Replace . with space.
set SPEC=%PATHEXT:.= %

:# Replace ; with nothing.
set SPEC=%SPEC:;=%

:#Iterate across extensions, checking for each one on the path.
for %%a in (%SPEC%) do call :CHECK %1.%%a

goto :CLEANUP


:CHECK

if exist "%~$PATH:1" ( echo Found at %~$PATH:1 && set FOUNDFLAG=1 )

goto :EOF

:CLEANUP
if not %FOUNDFLAG% == 1 echo No runnable file found for %1
endlocal
goto :EOF

Sunday, December 14, 2008

Learn Unix/Linux system in 10 minutes ...

Want to learn Unix in 10 minutes?

http://freeengineer.org/learnUNIXin10minutes.html

Unix command summary, credit to University of Utah

For basic tutorial in Malay, I made a copy from Trunasuci to make sure it available for everyone..

http://adlinux.blogdrive.com/

credit to Mr Arafat aka Trunasuci for the great tutorial … My first Redhat Linux installation a couple years ago was done by referring to this tutorial.

Who am I?

LinkWithin

Related Posts with Thumbnails