Firewall event descriptions

ID Event Notes
100 Out Of Connection A packet was received that was not associated with an existing connection.
101 Invalid Flags Flag(s) set in packet were invalid. This could be due to a flag that does not make sense within the context of a current connection (if any), or due to a nonsensical combination of flags. ("Firewall Stateful Configuration" must be On for connection context to be assessed.)
102 Invalid Sequence A packet with an invalid sequence number or out-of-window data size was encountered.
103 Invalid ACK A packet with an invalid acknowledgment number was encountered.
104 Internal Error
105 CE Flags The CWR or ECE flags were set and the firewall stateful configuration specifies that these packets should be denied.
106 Invalid IP Packet's source IP was not valid.
107 Invalid IP Datagram Length The length of the IP datagram is less than the length specified in the IP header.
108 Fragmented A fragmented packet was encountered with deny fragmented packets disallowed enabled.
109 Invalid Fragment Offset
110 First Fragment Too Small A fragmented packet was encountered, the size of the fragment was less than the size of a TCP packet (no data).
111 Fragment Out Of Bounds The offsets(s) specified in a fragmented packet sequence is outside the range of the maximum size of a datagram.
112 Fragment Offset Too Small A fragmented packet was encountered, the size of the fragment was less than the size of a TCP packet (no data).
113 IPv6 Packet An IPv6 Packet was encountered, and IPv6 blocking is enabled.
114 Max Incoming Connections The number of incoming connections has exceeded the maximum number of connections allowed.
115 Max Outgoing Connections The number of outgoing connections has exceeded the maximum number of connections allowed.
116 Max SYN Sent The number of half open connections from a single computer exceeds that specified in the firewall stateful configuration.
117 License Expired
118 IP Version Unknown An IP packet other than IPv4 or IPv6 was encountered.
119 Invalid Packet Info
120 Internal Engine Error Insufficient resources.
121 Unsolicited UDP Incoming UDP packets that were not solicited by the computer are rejected.
122 Unsolicited ICMP ICMP stateful has been enabled (in firewall stateful configuration) and an unsolicited packet that does not match any Force Allow rules was received.
123 Out Of Allowed Policy The packet does not meet any of the Allow or Force Allow rules and so is implicitly denied.
124 Invalid Port Command An invalid FTP port command was encountered in the FTP control channel data stream.
125 SYN Cookie Error The SYN cookies protection mechanism encountered an error.
126 Invalid Data Offset Invalid data offset parameter.
127 No IP Header
128 Unreadable Ethernet Header Data contained in this ethernet frame is smaller than the ethernet header.
129 Undefined
130 Same Source and Destination IP Source and destination IPs were identical.
131 Invalid TCP Header Length
132 Unreadable Protocol Header The packet contains an unreadable TCP, UDP or ICMP header.
133 Unreadable IPv4 Header The packet contains an unreadable IPv4 header.
134 Unknown IP Version Unrecognized IP version.
135 Invalid Adapter Configuration An invalid adapter configuration has been received.
136 Overlapping Fragment This packet fragment overlaps a previously sent fragment.
137 Maximum ACK Retransmit This retransmitted ACK packet exceeds the ACK storm protection threshold.
138 Packet on Closed Connection A packet was received belonging to a connection already closed.
139 Dropped Retransmit Dropped retransmit.
140 Undefined
141 Out of Allowed Policy (Open Port)
142 New Connection Initiated
143 Invalid Checksum
144 Invalid Hook Used
145 IP Zero Payload
146 IPv6 Source Is Multicast
147 Invalid IPv6 Address
148 IPv6 Fragment Too Small
149 Invalid Transport Header Length
150 Out of Memory
151 Max TCP Connections
152 Max UDP Connections
200 Region Too Big A region (edit region, uri etc) exceeded the maximum allowed buffering size (7570 bytes) without being closed. This is usually because the data does not conform to the protocol.
201 Insufficient Memory The packet could not be processed properly because resources were exhausted. This can be because too many concurrent connections require buffering (max 2048) or matching resources (max 128) at the same time or because of excessive matches in a single IP packet (max 2048) or simply because the system is out of memory.
202 Maximum Edits Exceeded The maximum number of edits (32) in a single region of a packet was exceeded.
203 Edit Too Large Editing attempted to increase the size of the region above the maximum allowed size (8188 bytes).
204 Max Matches in Packet Exceeded There are more than 2048 positions in the packet with pattern match occurrences. An error is returned at this limit and the connection is dropped because this usually indicates a garbage or evasive packet.
205 Engine Call Stack Too Deep
206 Runtime Error Runtime error.
207 Packet Read Error Low level problem reading packet data.
300 Unsupported Cipher An unknown or unsupported cipher suite has been requested.
301 Error Generating Master Key(s) Unable to derive the cryptographic keys, Mac secrets, and initialization vectors from the master secret.
302 Record Layer Message (not ready) The SSL state engine has encountered an SSL record before initialization of the session.
303 Handshake Message (not ready) The SSL state engine has encountered a handshake message after the handshake has been negotiated.
304 Out Of Order Handshake Message A well formatted handshake message has been encountered out of sequence.
305 Memory Allocation Error The packet could not be processed properly because resources were exhausted. This can be because too many concurrent connections require buffering (max 2048) or matching resources (max 128) at the same time or because of excessive matches in a single IP packet (max 2048) or simply because the system is out of memory.
306 Unsupported SSL Version A client attempted to negotiate an SSL V2 session.
307 Error Decrypting Pre-master Key Unable to un-wrap the pre-master secret from the ClientKeyExchange message.
308 Client Attempted to Rollback A client attempted to rollback to an earlier version of the SSL protocol than that which was specified in the ClientHello message.
309 Renewal Error An SSL session was being requested with a cached session key that could not be located.
310 Key Exchange Error The server is attempting to establish an SSL session with temporarily generated key.
311 Maximum SSL Key Exchanges Exceeded The maximum number of concurrent key exchange requests was exceeded.
312 Key Too Large The master secret keys are larger than specified by the protocol identifier.
313 Invalid Parameters In Handshake An invalid or unreasonable value was encountered while trying to decode the handshake protocol.
314 No Sessions Available
315 Compression Method Unsupported
316 Unsupported Application-Layer Protocol An unknown or unsupported SSL Application-Layer Protocol has been requested.
500 URI Path Depth Exceeded Too many "/" separators. Max 100 path depth.
501 Invalid Traversal Tried to use "../" above root.
502 Illegal Character in URI Illegal character used in uri.
503 Incomplete UTF8 Sequence URI ended in middle of utf8 sequence.
504 Invalid UTF8 encoding Invalid/non-canonical encoding attempt.
505 Invalid Hex Encoding %nn where nn are not hex digits.
506 URI Path Length Too Long Path length is greater than 512 characters.
507 Invalid Use of Character Use of disabled characters
508 Double Decoding Exploit Double decoding exploit attempt (%25xx, %25%xxd, etc).
700 Invalid Base64 Content Packet content that was expected to be encoded in Base64 format was not encoded correctly.
710 Corrupted Deflate/GZIP Content Packet content that was expected to be encoded in Base64 format was not encoded correctly.
711 Incomplete Deflate/GZIP Content Incomplete Deflate/GZIP content
712 Deflate/GZIP Checksum Error Deflate/GZIP checksum error.
713 Unsupported Deflate/GZIP Dictionary Unsupported Deflate/GZIP dictionary.
714 Unsupported GZIP Header Format/Method Unsupported GZIP header format/method.
801 Protocol Decoding Search Limit Exceeded A protocol decoding rule defined a limit for a search or pdu object but the object was not found before the limit was reached.
802 Protocol Decoding Constraint Error A protocol decoding rule decoded data that did not meet the protocol content constraints.
803 Protocol Decoding Engine Internal Error
804 Protocol Decoding Structure Too Deep A protocol decoding rule encountered a type definition and packet content that caused the maximum type nesting depth (16) to be exceeded.
805 Protocol Decoding Stack Error A rule programming error attempted to cause recursion or use to many nested procedure calls.
806 Infinite Data Loop Error