STAS causing dropped packets?https://community.sophos.com/sophos-xg-firewall/f/discussions/77921/stas-causing-dropped-packetsWe have recently migrated from cyberoam. I had CTAS configured before and then re-deployed STAS. None of my firewall rules use Identity, however for about 2 minutes out of every 30-45 minutes my users have no connection to any other VLAN or LAN on theen-USTelligent Community 12RE: STAS causing dropped packets?https://community.sophos.com/thread/306812?ContentTypeID=1Fri, 30 Sep 2016 03:17:01 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:f1212a1c-b6fe-4b17-8f76-7fb4adccaffaAditya Patel<p>HI All ,&nbsp;</p> <p>As per the logs mentioned , some user may use XG as a proxy as port 3128 is in the picture here. Furthermore, the Drop packets are basically [F] and [R] that would&nbsp;mean the session with &nbsp;the XG is terminated as the client closed the session.</p> <p>Are Still facing the same issue &nbsp;, while using STAS ? If so Could you message me the Service Request ID for the same .&nbsp;</p> <p>Thanks and Regards&nbsp;<br />Aditya Patel | &nbsp;Network and Security Engineer.</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/302594?ContentTypeID=1Thu, 04 Aug 2016 23:00:56 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:4af6f52d-b656-45e0-bffd-e46b5c8844e7DMR188<p>I don&#39;t really have any good input to add to this other than I feel i&#39;m having the same issue with a customer. I haven&#39;t dug into the logs like this, but I can say that once we enabled STAS all the users had a heck of a time getting to the internet and when they did some times it would just show text of the page rather than the full page. &nbsp;SSL pages really caused fits. &nbsp;Disabling STAS seemed to fix the issues. &nbsp;I just wanted to reply to this to get updates as things progress on this ticket.</p> <p></p> <p>Thanks</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/301678?ContentTypeID=1Fri, 22 Jul 2016 08:39:42 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:7023189e-a924-46ca-b516-e70f82901c1cNealBellamy<p>This is still happening. Is there any resolution?</p> <p></p> <p>Latest logs from today.&nbsp;</p> <p><br />2016-07-22 08:31:14 0110021 IP 192.168.1.100.55516 &gt; 192.168.1.240.3128 : proto TCP: S 2825383995:2825383995(0) win 8192 checksum : 19635<br />0x0000: 4500 0034 1b66 4000 8006 5ab9 c0a8 0164 E..4.f@...Z....d<br />0x0010: c0a8 01f0 d8dc 0c38 a867 f03b 0000 0000 .......8.g.;....<br />0x0020: 8002 2000 4cb3 0000 0204 05b4 0103 0308 ....L...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:14 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55516 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844627904 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:15 0102021 IP 192.168.1.100.55309 &gt; 204.79.197.200.443 : proto TCP: F 893374328:893374328(0) win 1021 checksum : 34926<br />0x0000: 4500 0028 2e53 0000 8006 b858 c0a8 0164 E..(.S.....X...d<br />0x0010: cc4f c5c8 d80d 01bb 353f cf78 7d52 7370 .O......5?.x}Rsp<br />0x0020: 5011 03fd 886e 0000 0000 0000 0000 P....n........<br />Date=2016-07-22 Time=08:31:15 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:16 0110021 IP 192.168.1.100.55518 &gt; 192.168.1.240.3128 : proto TCP: S 224346887:224346887(0) win 8192 checksum : 38126<br />0x0000: 4500 0034 5ca2 4000 8006 197d c0a8 0164 E..4\.@....}...d<br />0x0010: c0a8 01f0 d8de 0c38 0d5f 4307 0000 0000 .......8._C.....<br />0x0020: 8002 2000 94ee 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55518 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123405440 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:16 0110021 IP 192.168.1.100.55517 &gt; 192.168.1.240.3128 : proto TCP: S 347428222:347428222(0) win 8192 checksum : 31522<br />0x0000: 4500 0034 0e49 4000 8006 67d6 c0a8 0164 E..4.I@...g....d<br />0x0010: c0a8 01f0 d8dd 0c38 14b5 557e 0000 0000 .......8..U~....<br />0x0020: 8002 2000 7b22 0000 0204 05b4 0103 0308 ....{&quot;..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55517 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123405440 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:16 0110021 IP 192.168.1.100.55519 &gt; 192.168.1.240.3128 : proto TCP: S 1733162272:1733162272(0) win 8192 checksum : 35045<br />0x0000: 4500 0034 3acd 4000 8006 3b52 c0a8 0164 E..4:.@...;R...d<br />0x0010: c0a8 01f0 d8df 0c38 674d f520 0000 0000 .......8gM......<br />0x0020: 8002 2000 88e5 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55519 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123405440 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:16 0110021 IP 192.168.1.100.55520 &gt; 10.10.0.11.445 : proto TCP: S 146161296:146161296(0) win 8192 checksum : 24843<br />0x0000: 4500 0034 503e 4000 7f06 df64 c0a8 0164 E..4P&gt;@....d...d<br />0x0010: 0a0a 000b d8e0 01bd 08b6 3e90 0000 0000 ..........&gt;.....<br />0x0020: 8002 2000 610b 0000 0204 05b4 0103 0308 ....a...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:16 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55520 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=4123405440 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:17 0110021 IP 192.168.1.100.55521 &gt; 172.16.100.1.63000 : proto TCP: S 1604708825:1604708825(0) win 8192 checksum : 25720<br />0x0000: 4500 0034 46c8 4000 7f06 e2dd c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d8e1 f618 5fa5 e9d9 0000 0000 ..d....._.......<br />0x0020: 8002 2000 6478 0000 0204 05b4 0103 0308 ....dx..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:17 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55521 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4123403520 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:18 0102021 IP 192.168.1.100.55309 &gt; 204.79.197.200.443 : proto TCP: F 893374328:893374328(0) win 1021 checksum : 34926<br />0x0000: 4500 0028 2e54 0000 8006 b857 c0a8 0164 E..(.T.....W...d<br />0x0010: cc4f c5c8 d80d 01bb 353f cf78 7d52 7370 .O......5?.x}Rsp<br />0x0020: 5011 03fd 886e 0000 0000 0000 0000 P....n........<br />Date=2016-07-22 Time=08:31:18 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:18 0110021 IP 192.168.1.100.55523 &gt; 192.168.1.240.3128 : proto TCP: S 3804226252:3804226252(0) win 65535 checksum : 16330<br />0x0000: 4500 0034 70fe 4000 8006 0521 c0a8 0164 E..4p.@....!...d<br />0x0010: c0a8 01f0 d8e3 0c38 e2bf e2cc 0000 0000 .......8........<br />0x0020: 8002 ffff 3fca 0000 0204 05b4 0103 0301 ....?...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:18 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55523 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664697216 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:20 0110021 IP 192.168.1.100.55516 &gt; 192.168.1.240.3128 : proto TCP: S 2825383995:2825383995(0) win 8192 checksum : 24770<br />0x0000: 4500 0030 1b69 4000 8006 5aba c0a8 0164 E..0.i@...Z....d<br />0x0010: c0a8 01f0 d8dc 0c38 a867 f03b 0000 0000 .......8.g.;....<br />0x0020: 7002 2000 60c2 0000 0204 05b4 0101 0402 p...`...........<br />Date=2016-07-22 Time=08:31:20 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55516 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664489600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:21 0110021 IP 192.168.1.100.55523 &gt; 192.168.1.240.3128 : proto TCP: S 3804226252:3804226252(0) win 65535 checksum : 16330<br />0x0000: 4500 0034 70ff 4000 8006 0520 c0a8 0164 E..4p.@........d<br />0x0010: c0a8 01f0 d8e3 0c38 e2bf e2cc 0000 0000 .......8........<br />0x0020: 8002 ffff 3fca 0000 0204 05b4 0103 0301 ....?...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:21 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55523 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081054016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:22 0110021 IP 192.168.1.100.55526 &gt; 172.16.100.1.63000 : proto TCP: S 1068425957:1068425957(0) win 8192 checksum : 35678<br />0x0000: 4500 0034 46c9 4000 7f06 e2dc c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d8e6 f618 3fae e2e5 0000 0000 ..d.....?.......<br />0x0020: 8002 2000 8b5e 0000 0204 05b4 0103 0308 .....^..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55526 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4081055936 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:22 0110021 IP 192.168.1.100.55517 &gt; 192.168.1.240.3128 : proto TCP: S 347428222:347428222(0) win 8192 checksum : 36657<br />0x0000: 4500 0030 0e4a 4000 8006 67d9 c0a8 0164 E..0.J@...g....d<br />0x0010: c0a8 01f0 d8dd 0c38 14b5 557e 0000 0000 .......8..U~....<br />0x0020: 7002 2000 8f31 0000 0204 05b4 0101 0402 p....1..........<br />Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55517 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081055936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:22 0110021 IP 192.168.1.100.55519 &gt; 192.168.1.240.3128 : proto TCP: S 1733162272:1733162272(0) win 8192 checksum : 40180<br />0x0000: 4500 0030 3ace 4000 8006 3b55 c0a8 0164 E..0:.@...;U...d<br />0x0010: c0a8 01f0 d8df 0c38 674d f520 0000 0000 .......8gM......<br />0x0020: 7002 2000 9cf4 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55519 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081055936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:22 0110021 IP 192.168.1.100.55518 &gt; 192.168.1.240.3128 : proto TCP: S 224346887:224346887(0) win 8192 checksum : 43261<br />0x0000: 4500 0030 5ca3 4000 8006 1980 c0a8 0164 E..0\.@........d<br />0x0010: c0a8 01f0 d8de 0c38 0d5f 4307 0000 0000 .......8._C.....<br />0x0020: 7002 2000 a8fd 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55518 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081055936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:22 0110021 IP 192.168.1.100.55520 &gt; 10.10.0.11.445 : proto TCP: S 146161296:146161296(0) win 8192 checksum : 29978<br />0x0000: 4500 0030 5043 4000 7f06 df63 c0a8 0164 E..0PC@....c...d<br />0x0010: 0a0a 000b d8e0 01bd 08b6 3e90 0000 0000 ..........&gt;.....<br />0x0020: 7002 2000 751a 0000 0204 05b4 0101 0402 p...u...........<br />Date=2016-07-22 Time=08:31:22 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55520 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=4081055936 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:22 0102021 IP 192.168.1.100.55309 &gt; 204.79.197.200.443 : proto TCP: F 893374328:893374328(0) win 1021 checksum : 34926<br />0x0000: 4500 0028 2e55 0000 8006 b856 c0a8 0164 E..(.U.....V...d<br />0x0010: cc4f c5c8 d80d 01bb 353f cf78 7d52 7370 .O......5?.x}Rsp<br />0x0020: 5011 03fd 886e 0000 0000 0000 0000 P....n........<br />Date=2016-07-22 Time=08:31:22 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:23 0110021 IP 192.168.1.100.55521 &gt; 172.16.100.1.63000 : proto TCP: S 1604708825:1604708825(0) win 8192 checksum : 30855<br />0x0000: 4500 0030 46ca 4000 7f06 e2df c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d8e1 f618 5fa5 e9d9 0000 0000 ..d....._.......<br />0x0020: 7002 2000 7887 0000 0204 05b4 0101 0402 p...x...........<br />Date=2016-07-22 Time=08:31:23 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55521 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2303279424 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:25 0110021 IP 192.168.1.100.55526 &gt; 172.16.100.1.63000 : proto TCP: S 1068425957:1068425957(0) win 8192 checksum : 35678<br />0x0000: 4500 0034 46cb 4000 7f06 e2da c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d8e6 f618 3fae e2e5 0000 0000 ..d.....?.......<br />0x0020: 8002 2000 8b5e 0000 0204 05b4 0103 0308 .....^..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:25 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55526 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2303279424 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:27 0110021 IP 192.168.1.100.55523 &gt; 192.168.1.240.3128 : proto TCP: S 3804226252:3804226252(0) win 65535 checksum : 21458<br />0x0000: 4500 0030 7100 4000 8006 0523 c0a8 0164 E..0q.@....#...d<br />0x0010: c0a8 01f0 d8e3 0c38 e2bf e2cc 0000 0000 .......8........<br />0x0020: 7002 ffff 53d2 0000 0204 05b4 0101 0402 p...S...........<br />Date=2016-07-22 Time=08:31:27 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55523 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:29 0101021 IP 192.168.1.100.65388 &gt; 74.125.198.188.5228 : proto TCP: 4010688854:4010688855(1) ack 4257780136 win 258 checksum : 2012<br />0x0000: 4500 0029 05ff 4000 7f06 228a c0a8 0164 E..)..@...&quot;....d<br />0x0010: 4a7d c6bc ff6c 146c ef0e 4156 fdc8 91a8 J}...l.l..AV....<br />0x0020: 5010 0102 07dc 0000 00 P........<br />Date=2016-07-22 Time=08:31:29 log_id=0101021 log_type=Firewall log_component=Firewall_Rule log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=74.125.198.188 l4_protocol=TCP source_port=65388 dest_port=5228 fw_rule_id=0 policytype=1 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=12 category_id=720 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=1 inmark=0 nfqueue=0 scanflags=100 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3961856640 status=0 state=414 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:31 0110021 IP 192.168.1.100.55526 &gt; 172.16.100.1.63000 : proto TCP: S 1068425957:1068425957(0) win 8192 checksum : 40813<br />0x0000: 4500 0030 46cc 4000 7f06 e2dd c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d8e6 f618 3fae e2e5 0000 0000 ..d.....?.......<br />0x0020: 7002 2000 9f6d 0000 0204 05b4 0101 0402 p....m..........<br />Date=2016-07-22 Time=08:31:31 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55526 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2415784256 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:32 0102021 IP 192.168.1.100.55309 &gt; 204.79.197.200.443 : proto TCP: R 893374329:893374329(0) checksum : 35943<br />0x0000: 4500 0028 2e56 0000 8006 b855 c0a8 0164 E..(.V.....U...d<br />0x0010: cc4f c5c8 d80d 01bb 353f cf79 7d52 7370 .O......5?.y}Rsp<br />0x0020: 5014 0000 8c67 0000 0000 0000 0000 P....g........<br />Date=2016-07-22 Time=08:31:32 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55309 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:32 0110021 IP 192.168.1.100.55531 &gt; 192.168.1.240.3128 : proto TCP: S 3816228924:3816228924(0) win 8192 checksum : 63891<br />0x0000: 4500 0034 2407 4000 8006 5218 c0a8 0164 E..4$.@...R....d<br />0x0010: c0a8 01f0 d8eb 0c38 e377 083c 0000 0000 .......8.w.&lt;....<br />0x0020: 8002 2000 f993 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:32 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55531 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344640 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0110021 IP 192.168.1.100.55532 &gt; 192.168.1.240.3128 : proto TCP: S 334875236:334875236(0) win 8192 checksum : 1773<br />0x0000: 4500 0034 2a13 4000 8006 4c0c c0a8 0164 E..4*.@...L....d<br />0x0010: c0a8 01f0 d8ec 0c38 13f5 ca64 0000 0000 .......8...d....<br />0x0020: 8002 2000 06ed 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55532 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344960 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0110021 IP 192.168.1.100.55533 &gt; 192.168.1.240.3128 : proto TCP: S 371773817:371773817(0) win 8192 checksum : 64931<br />0x0000: 4500 0034 2a14 4000 8006 4c0b c0a8 0164 E..4*.@...L....d<br />0x0010: c0a8 01f0 d8ed 0c38 1628 d179 0000 0000 .......8.(.y....<br />0x0020: 8002 2000 fda3 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55533 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344960 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394<br />0x0000: 4500 0028 2e57 0000 8006 b854 c0a8 0164 E..(.W.....T...d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.<br />0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........<br />Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619<br />0x0000: 4500 0028 2e58 0000 8006 b853 c0a8 0164 E..(.X.....S...d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.<br />0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........<br />Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385<br />0x0000: 4500 0028 2e59 0000 8006 b852 c0a8 0164 E..(.Y.....R...d<br />0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......<br />0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315<br />0x0000: 4500 0028 2e5a 0000 8006 b851 c0a8 0164 E..(.Z.....Q...d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.<br />0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........<br />Date=2016-07-22 Time=08:31:33 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0110021 IP 192.168.1.100.55534 &gt; 192.168.1.240.3128 : proto TCP: S 2225067063:2225067063(0) win 65535 checksum : 44141<br />0x0000: 4500 0034 2e5b 4000 8006 47c4 c0a8 0164 E..4.[@...G....d<br />0x0010: c0a8 01f0 d8ee 0c38 849f d437 0000 0000 .......8...7....<br />0x0020: 8002 ffff ac6d 0000 0204 05b4 0103 0308 .....m..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55534 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0110021 IP 192.168.1.100.55535 &gt; 192.168.1.240.3128 : proto TCP: S 784044582:784044582(0) win 65535 checksum : 17506<br />0x0000: 4500 0034 2e5c 4000 8006 47c3 c0a8 0164 E..4.\@...G....d<br />0x0010: c0a8 01f0 d8ef 0c38 2ebb 9226 0000 0000 .......8...&amp;....<br />0x0020: 8002 ffff 4462 0000 0204 05b4 0103 0308 ....Db..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55535 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:33 0110021 IP 192.168.1.100.55536 &gt; 192.168.1.240.3128 : proto TCP: S 2393637410:2393637410(0) win 65535 checksum : 29812<br />0x0000: 4500 0034 2e5d 4000 8006 47c2 c0a8 0164 E..4.]@...G....d<br />0x0010: c0a8 01f0 d8f0 0c38 8eac 0222 0000 0000 .......8...&quot;....<br />0x0020: 8002 ffff 7474 0000 0204 05b4 0103 0308 ....tt..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55536 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0110021 IP 192.168.1.100.55537 &gt; 192.168.1.240.3128 : proto TCP: S 1131090382:1131090382(0) win 65535 checksum : 45064<br />0x0000: 4500 0034 2e5e 4000 8006 47c1 c0a8 0164 E..4.^@...G....d<br />0x0010: c0a8 01f0 d8f1 0c38 436b 11ce 0000 0000 .......8Ck......<br />0x0020: 8002 ffff b008 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55537 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345280 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394<br />0x0000: 4500 0028 2e5f 0000 8006 b84c c0a8 0164 E..(._.....L...d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.<br />0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619<br />0x0000: 4500 0028 2e60 0000 8006 b84b c0a8 0164 E..(.`.....K...d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.<br />0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385<br />0x0000: 4500 0028 2e61 0000 8006 b84a c0a8 0164 E..(.a.....J...d<br />0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......<br />0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315<br />0x0000: 4500 0028 2e62 0000 8006 b849 c0a8 0164 E..(.b.....I...d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.<br />0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0110021 IP 192.168.1.100.55538 &gt; 10.10.0.11.445 : proto TCP: S 3000427207:3000427207(0) win 8192 checksum : 4769<br />0x0000: 4500 0034 505c 4000 7f06 df46 c0a8 0164 E..4P\@....F...d<br />0x0010: 0a0a 000b d8f2 01bd b2d6 e2c7 0000 0000 ................<br />0x0020: 8002 2000 12a1 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55538 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=2570345280 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394<br />0x0000: 4500 0028 2e64 0000 8006 b847 c0a8 0164 E..(.d.....G...d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.<br />0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619<br />0x0000: 4500 0028 2e65 0000 8006 b846 c0a8 0164 E..(.e.....F...d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.<br />0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385<br />0x0000: 4500 0028 2e63 0000 8006 b848 c0a8 0164 E..(.c.....H...d<br />0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......<br />0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315<br />0x0000: 4500 0028 2e66 0000 8006 b845 c0a8 0164 E..(.f.....E...d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.<br />0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........<br />Date=2016-07-22 Time=08:31:34 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0110021 IP 192.168.1.100.55534 &gt; 192.168.1.240.3128 : proto TCP: S 2225067063:2225067063(0) win 65535 checksum : 44141<br />0x0000: 4500 0034 2e67 4000 8006 47b8 c0a8 0164 E..4.g@...G....d<br />0x0010: c0a8 01f0 d8ee 0c38 849f d437 0000 0000 .......8...7....<br />0x0020: 8002 ffff ac6d 0000 0204 05b4 0103 0308 .....m..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55534 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0110021 IP 192.168.1.100.55535 &gt; 192.168.1.240.3128 : proto TCP: S 784044582:784044582(0) win 65535 checksum : 17506<br />0x0000: 4500 0034 2e68 4000 8006 47b7 c0a8 0164 E..4.h@...G....d<br />0x0010: c0a8 01f0 d8ef 0c38 2ebb 9226 0000 0000 .......8...&amp;....<br />0x0020: 8002 ffff 4462 0000 0204 05b4 0103 0308 ....Db..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55535 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:34 0110021 IP 192.168.1.100.55536 &gt; 192.168.1.240.3128 : proto TCP: S 2393637410:2393637410(0) win 65535 checksum : 29812<br />0x0000: 4500 0034 2e69 4000 8006 47b6 c0a8 0164 E..4.i@...G....d<br />0x0010: c0a8 01f0 d8f0 0c38 8eac 0222 0000 0000 .......8...&quot;....<br />0x0020: 8002 ffff 7474 0000 0204 05b4 0103 0308 ....tt..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:34 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55536 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0110021 IP 192.168.1.100.55537 &gt; 192.168.1.240.3128 : proto TCP: S 1131090382:1131090382(0) win 65535 checksum : 45064<br />0x0000: 4500 0034 2e6a 4000 8006 47b5 c0a8 0164 E..4.j@...G....d<br />0x0010: c0a8 01f0 d8f1 0c38 436b 11ce 0000 0000 .......8Ck......<br />0x0020: 8002 ffff b008 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55537 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0110021 IP 192.168.1.100.55539 &gt; 192.168.1.240.3128 : proto TCP: S 3638825863:3638825863(0) win 8192 checksum : 63699<br />0x0000: 4500 0034 5ca4 4000 8006 197b c0a8 0164 E..4\.@....{...d<br />0x0010: c0a8 01f0 d8f3 0c38 d8e4 1387 0000 0000 .......8........<br />0x0020: 8002 2000 f8d3 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55539 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0110021 IP 192.168.1.100.55541 &gt; 192.168.1.240.3128 : proto TCP: S 1304003166:1304003166(0) win 8192 checksum : 5414<br />0x0000: 4500 0034 3acf 4000 8006 3b50 c0a8 0164 E..4:.@...;P...d<br />0x0010: c0a8 01f0 d8f5 0c38 4db9 825e 0000 0000 .......8M..^....<br />0x0020: 8002 2000 1526 0000 0204 05b4 0103 0308 .....&amp;..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55541 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0110021 IP 192.168.1.100.55540 &gt; 192.168.1.240.3128 : proto TCP: S 1406539676:1406539676(0) win 8192 checksum : 31180<br />0x0000: 4500 0034 0e4b 4000 8006 67d4 c0a8 0164 E..4.K@...g....d<br />0x0010: c0a8 01f0 d8f4 0c38 53d6 179c 0000 0000 .......8S.......<br />0x0020: 8002 2000 79cc 0000 0204 05b4 0103 0308 ....y...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55540 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570344000 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0110021 IP 192.168.1.100.55542 &gt; 172.16.100.1.63000 : proto TCP: S 1833238893:1833238893(0) win 8192 checksum : 16176<br />0x0000: 4500 0034 46cd 4000 7f06 e2d8 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d8f6 f618 6d45 016d 0000 0000 ..d.....mE.m....<br />0x0020: 8002 2000 3f30 0000 0204 05b4 0103 0308 ....?0..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55542 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2844875264 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0110021 IP 192.168.1.100.55531 &gt; 192.168.1.240.3128 : proto TCP: S 3816228924:3816228924(0) win 8192 checksum : 63891<br />0x0000: 4500 0034 2408 4000 8006 5217 c0a8 0164 E..4$.@...R....d<br />0x0010: c0a8 01f0 d8eb 0c38 e377 083c 0000 0000 .......8.w.&lt;....<br />0x0020: 8002 2000 f993 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:35 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55531 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392830272 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:35 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394<br />0x0000: 4500 0028 2e6b 0000 8006 b840 c0a8 0164 E..(.k.....@...d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.<br />0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........<br />Date=2016-07-22 Time=08:31:35 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619<br />0x0000: 4500 0028 2e6c 0000 8006 b83f c0a8 0164 E..(.l.....?...d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.<br />0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........<br />Date=2016-07-22 Time=08:31:36 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385<br />0x0000: 4500 0028 2e6d 0000 8006 b83e c0a8 0164 E..(.m.....&gt;...d<br />0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......<br />0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:36 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315<br />0x0000: 4500 0028 2e6e 0000 8006 b83d c0a8 0164 E..(.n.....=...d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.<br />0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........<br />Date=2016-07-22 Time=08:31:36 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0110021 IP 192.168.1.100.55532 &gt; 192.168.1.240.3128 : proto TCP: S 334875236:334875236(0) win 8192 checksum : 1773<br />0x0000: 4500 0034 2a15 4000 8006 4c0a c0a8 0164 E..4*.@...L....d<br />0x0010: c0a8 01f0 d8ec 0c38 13f5 ca64 0000 0000 .......8...d....<br />0x0020: 8002 2000 06ed 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55532 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2975501760 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0110021 IP 192.168.1.100.55533 &gt; 192.168.1.240.3128 : proto TCP: S 371773817:371773817(0) win 8192 checksum : 64931<br />0x0000: 4500 0034 2a16 4000 8006 4c09 c0a8 0164 E..4*.@...L....d<br />0x0010: c0a8 01f0 d8ed 0c38 1628 d179 0000 0000 .......8.(.y....<br />0x0020: 8002 2000 fda3 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55533 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2975499200 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0110021 IP 192.168.1.100.55534 &gt; 192.168.1.240.3128 : proto TCP: S 2225067063:2225067063(0) win 65535 checksum : 49276<br />0x0000: 4500 0030 2e6f 4000 8006 47b4 c0a8 0164 E..0.o@...G....d<br />0x0010: c0a8 01f0 d8ee 0c38 849f d437 0000 0000 .......8...7....<br />0x0020: 7002 ffff c07c 0000 0204 05b4 0101 0402 p....|..........<br />Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55534 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0110021 IP 192.168.1.100.55535 &gt; 192.168.1.240.3128 : proto TCP: S 784044582:784044582(0) win 65535 checksum : 22641<br />0x0000: 4500 0030 2e70 4000 8006 47b3 c0a8 0164 E..0.p@...G....d<br />0x0010: c0a8 01f0 d8ef 0c38 2ebb 9226 0000 0000 .......8...&amp;....<br />0x0020: 7002 ffff 5871 0000 0204 05b4 0101 0402 p...Xq..........<br />Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55535 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:36 0110021 IP 192.168.1.100.55536 &gt; 192.168.1.240.3128 : proto TCP: S 2393637410:2393637410(0) win 65535 checksum : 34947<br />0x0000: 4500 0030 2e71 4000 8006 47b2 c0a8 0164 E..0.q@...G....d<br />0x0010: c0a8 01f0 d8f0 0c38 8eac 0222 0000 0000 .......8...&quot;....<br />0x0020: 7002 ffff 8883 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55536 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:37 0110021 IP 192.168.1.100.55537 &gt; 192.168.1.240.3128 : proto TCP: S 1131090382:1131090382(0) win 65535 checksum : 50199<br />0x0000: 4500 0030 2e72 4000 8006 47b1 c0a8 0164 E..0.r@...G....d<br />0x0010: c0a8 01f0 d8f1 0c38 436b 11ce 0000 0000 .......8Ck......<br />0x0020: 7002 ffff c417 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:37 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55537 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2392829952 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:37 0110021 IP 192.168.1.100.55538 &gt; 10.10.0.11.445 : proto TCP: S 3000427207:3000427207(0) win 8192 checksum : 4769<br />0x0000: 4500 0034 505f 4000 7f06 df43 c0a8 0164 E..4P_@....C...d<br />0x0010: 0a0a 000b d8f2 01bd b2d6 e2c7 0000 0000 ................<br />0x0020: 8002 2000 12a1 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:37 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55538 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=2485678400 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0110021 IP 192.168.1.100.55541 &gt; 192.168.1.240.3128 : proto TCP: S 1304003166:1304003166(0) win 8192 checksum : 5414<br />0x0000: 4500 0034 3ad0 4000 8006 3b4f c0a8 0164 E..4:.@...;O...d<br />0x0010: c0a8 01f0 d8f5 0c38 4db9 825e 0000 0000 .......8M..^....<br />0x0020: 8002 2000 1526 0000 0204 05b4 0103 0308 .....&amp;..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55541 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062208 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0110021 IP 192.168.1.100.55539 &gt; 192.168.1.240.3128 : proto TCP: S 3638825863:3638825863(0) win 8192 checksum : 63699<br />0x0000: 4500 0034 5ca5 4000 8006 197a c0a8 0164 E..4\.@....z...d<br />0x0010: c0a8 01f0 d8f3 0c38 d8e4 1387 0000 0000 .......8........<br />0x0020: 8002 2000 f8d3 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55539 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062208 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0110021 IP 192.168.1.100.55540 &gt; 192.168.1.240.3128 : proto TCP: S 1406539676:1406539676(0) win 8192 checksum : 31180<br />0x0000: 4500 0034 0e4c 4000 8006 67d3 c0a8 0164 E..4.L@...g....d<br />0x0010: c0a8 01f0 d8f4 0c38 53d6 179c 0000 0000 .......8S.......<br />0x0020: 8002 2000 79cc 0000 0204 05b4 0103 0308 ....y...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55540 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062208 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394<br />0x0000: 4500 0028 2e73 0000 8006 b838 c0a8 0164 E..(.s.....8...d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.<br />0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........<br />Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315<br />0x0000: 4500 0028 2e74 0000 8006 b837 c0a8 0164 E..(.t.....7...d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.<br />0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........<br />Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619<br />0x0000: 4500 0028 2e76 0000 8006 b835 c0a8 0164 E..(.v.....5...d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.<br />0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........<br />Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385<br />0x0000: 4500 0028 2e75 0000 8006 b836 c0a8 0164 E..(.u.....6...d<br />0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......<br />0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:38 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0110021 IP 192.168.1.100.55542 &gt; 172.16.100.1.63000 : proto TCP: S 1833238893:1833238893(0) win 8192 checksum : 16176<br />0x0000: 4500 0034 46ce 4000 7f06 e2d7 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d8f6 f618 6d45 016d 0000 0000 ..d.....mE.m....<br />0x0020: 8002 2000 3f30 0000 0204 05b4 0103 0308 ....?0..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55542 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2696062208 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:38 0110021 IP 192.168.1.100.55545 &gt; 192.168.1.240.3128 : proto TCP: S 2956320431:2956320431(0) win 65535 checksum : 30292<br />0x0000: 4500 0034 2e77 4000 8006 47a8 c0a8 0164 E..4.w@...G....d<br />0x0010: c0a8 01f0 d8f9 0c38 b035 deaf 0000 0000 .......8.5......<br />0x0020: 8002 ffff 7654 0000 0204 05b4 0103 0308 ....vT..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55545 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062848 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:39 0110021 IP 192.168.1.100.55545 &gt; 192.168.1.240.3128 : proto TCP: S 2956320431:2956320431(0) win 65535 checksum : 30292<br />0x0000: 4500 0034 2e78 4000 8006 47a7 c0a8 0164 E..4.x@...G....d<br />0x0010: c0a8 01f0 d8f9 0c38 b035 deaf 0000 0000 .......8.5......<br />0x0020: 8002 ffff 7654 0000 0204 05b4 0103 0308 ....vT..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:39 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55545 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062848 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:40 0110021 IP 192.168.1.100.55546 &gt; 192.168.1.240.3128 : proto TCP: S 4046358471:4046358471(0) win 65535 checksum : 35906<br />0x0000: 4500 0034 2e79 4000 8006 47a6 c0a8 0164 E..4.y@...G....d<br />0x0010: c0a8 01f0 d8fa 0c38 f12e 87c7 0000 0000 .......8........<br />0x0020: 8002 ffff 8c42 0000 0204 05b4 0103 0308 .....B..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:40 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55546 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696064448 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:40 0110021 IP 192.168.1.100.55547 &gt; 192.168.1.240.3128 : proto TCP: S 768339368:768339368(0) win 65535 checksum : 59843<br />0x0000: 4500 0034 2e7a 4000 8006 47a5 c0a8 0164 E..4.z@...G....d<br />0x0010: c0a8 01f0 d8fb 0c38 2dcb eda8 0000 0000 .......8-.......<br />0x0020: 8002 ffff e9c3 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:40 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55547 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696063488 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:40 0110021 IP 192.168.1.100.55548 &gt; 192.168.1.240.3128 : proto TCP: S 2229912160:2229912160(0) win 65535 checksum : 48620<br />0x0000: 4500 0034 2e7b 4000 8006 47a4 c0a8 0164 E..4.{@...G....d<br />0x0010: c0a8 01f0 d8fc 0c38 84e9 c260 0000 0000 .......8...`....<br />0x0020: 8002 ffff bdec 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:40 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55548 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696063488 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:41 0110021 IP 192.168.1.100.55549 &gt; 192.168.1.240.3128 : proto TCP: S 200343029:200343029(0) win 65535 checksum : 64335<br />0x0000: 4500 0034 2e7c 4000 8006 47a3 c0a8 0164 E..4.|@...G....d<br />0x0010: c0a8 01f0 d8fd 0c38 0bf0 fdf5 0000 0000 .......8........<br />0x0020: 8002 ffff fb4f 0000 0204 05b4 0103 0308 .....O..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55549 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696064128 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:41 0110021 IP 192.168.1.100.55531 &gt; 192.168.1.240.3128 : proto TCP: S 3816228924:3816228924(0) win 8192 checksum : 3491<br />0x0000: 4500 0030 240e 4000 8006 5215 c0a8 0164 E..0$.@...R....d<br />0x0010: c0a8 01f0 d8eb 0c38 e377 083c 0000 0000 .......8.w.&lt;....<br />0x0020: 7002 2000 0da3 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55531 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3961010688 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:41 0110021 IP 192.168.1.100.55546 &gt; 192.168.1.240.3128 : proto TCP: S 4046358471:4046358471(0) win 65535 checksum : 35906<br />0x0000: 4500 0034 2e7d 4000 8006 47a2 c0a8 0164 E..4.}@...G....d<br />0x0010: c0a8 01f0 d8fa 0c38 f12e 87c7 0000 0000 .......8........<br />0x0020: 8002 ffff 8c42 0000 0204 05b4 0103 0308 .....B..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55546 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:41 0110021 IP 192.168.1.100.55545 &gt; 192.168.1.240.3128 : proto TCP: S 2956320431:2956320431(0) win 65535 checksum : 35427<br />0x0000: 4500 0030 2e7e 4000 8006 47a5 c0a8 0164 E..0.~@...G....d<br />0x0010: c0a8 01f0 d8f9 0c38 b035 deaf 0000 0000 .......8.5......<br />0x0020: 7002 ffff 8a63 0000 0204 05b4 0101 0402 p....c..........<br />Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55545 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:41 0110021 IP 192.168.1.100.55547 &gt; 192.168.1.240.3128 : proto TCP: S 768339368:768339368(0) win 65535 checksum : 59843<br />0x0000: 4500 0034 2e7f 4000 8006 47a0 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d8fb 0c38 2dcb eda8 0000 0000 .......8-.......<br />0x0020: 8002 ffff e9c3 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55547 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:41 0110021 IP 192.168.1.100.55548 &gt; 192.168.1.240.3128 : proto TCP: S 2229912160:2229912160(0) win 65535 checksum : 48620<br />0x0000: 4500 0034 2e80 4000 8006 479f c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d8fc 0c38 84e9 c260 0000 0000 .......8...`....<br />0x0020: 8002 ffff bdec 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55548 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486720 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:42 0110021 IP 192.168.1.100.55549 &gt; 192.168.1.240.3128 : proto TCP: S 200343029:200343029(0) win 65535 checksum : 64335<br />0x0000: 4500 0034 2e81 4000 8006 479e c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d8fd 0c38 0bf0 fdf5 0000 0000 .......8........<br />0x0020: 8002 ffff fb4f 0000 0204 05b4 0103 0308 .....O..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55549 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4123403840 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:42 0110021 IP 192.168.1.100.55532 &gt; 192.168.1.240.3128 : proto TCP: S 334875236:334875236(0) win 8192 checksum : 6908<br />0x0000: 4500 0030 2a17 4000 8006 4c0c c0a8 0164 E..0*.@...L....d<br />0x0010: c0a8 01f0 d8ec 0c38 13f5 ca64 0000 0000 .......8...d....<br />0x0020: 7002 2000 1afc 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55532 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:42 0110021 IP 192.168.1.100.55533 &gt; 192.168.1.240.3128 : proto TCP: S 371773817:371773817(0) win 8192 checksum : 4531<br />0x0000: 4500 0030 2a18 4000 8006 4c0b c0a8 0164 E..0*.@...L....d<br />0x0010: c0a8 01f0 d8ed 0c38 1628 d179 0000 0000 .......8.(.y....<br />0x0020: 7002 2000 11b3 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55533 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0110021 IP 192.168.1.100.55552 &gt; 172.16.100.1.63000 : proto TCP: S 708867795:708867795(0) win 8192 checksum : 3269<br />0x0000: 4500 0034 46cf 4000 7f06 e2d6 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d900 f618 2a40 76d3 0000 0000 ..d.....*@v.....<br />0x0020: 8002 2000 0cc5 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55552 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664487360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: F 816133675:816133675(0) win 1022 checksum : 28394<br />0x0000: 4500 0028 2e82 0000 8006 b829 c0a8 0164 E..(.......)...d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362b 463d 61fa .O......0.6+F=a.<br />0x0020: 5011 03fe 6eea 0000 0000 0000 0000 P...n.........<br />Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: F 2431775252:2431775252(0) win 1019 checksum : 65315<br />0x0000: 4500 0028 2e83 0000 8006 b828 c0a8 0164 E..(.......(...d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f214 b8f5 42d2 .O............B.<br />0x0020: 5011 03fb ff23 0000 0000 0000 0000 P....#........<br />Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: F 2078619921:2078619921(0) win 1023 checksum : 28619<br />0x0000: 4500 0028 2e84 0000 8006 b827 c0a8 0164 E..(.......&#39;...d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3911 3519 2414 .O......{.9.5.$.<br />0x0020: 5011 03ff 6fcb 0000 0000 0000 0000 P...o.........<br />Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: F 1719719809:1719719809(0) win 1023 checksum : 38385<br />0x0000: 4500 0028 2e85 0000 8006 b826 c0a8 0164 E..(.......&amp;...d<br />0x0010: cc4f c5c8 d804 01bb 6680 d781 f8e2 b119 .O......f.......<br />0x0020: 5011 03ff 95f1 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:43 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0110021 IP 192.168.1.100.55538 &gt; 10.10.0.11.445 : proto TCP: S 3000427207:3000427207(0) win 8192 checksum : 9904<br />0x0000: 4500 0030 5060 4000 7f06 df46 c0a8 0164 E..0P`@....F...d<br />0x0010: 0a0a 000b d8f2 01bd b2d6 e2c7 0000 0000 ................<br />0x0020: 7002 2000 26b0 0000 0204 05b4 0101 0402 p...&amp;...........<br />Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55538 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664487360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0110021 IP 192.168.1.100.55546 &gt; 192.168.1.240.3128 : proto TCP: S 4046358471:4046358471(0) win 65535 checksum : 41041<br />0x0000: 4500 0030 2e86 4000 8006 479d c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d8fa 0c38 f12e 87c7 0000 0000 .......8........<br />0x0020: 7002 ffff a051 0000 0204 05b4 0101 0402 p....Q..........<br />Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55546 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0110021 IP 192.168.1.100.55547 &gt; 192.168.1.240.3128 : proto TCP: S 768339368:768339368(0) win 65535 checksum : 64978<br />0x0000: 4500 0030 2e87 4000 8006 479c c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d8fb 0c38 2dcb eda8 0000 0000 .......8-.......<br />0x0020: 7002 ffff fdd2 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55547 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:43 0110021 IP 192.168.1.100.55548 &gt; 192.168.1.240.3128 : proto TCP: S 2229912160:2229912160(0) win 65535 checksum : 53755<br />0x0000: 4500 0030 2e88 4000 8006 479b c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d8fc 0c38 84e9 c260 0000 0000 .......8...`....<br />0x0020: 7002 ffff d1fb 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:43 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55548 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:44 0110021 IP 192.168.1.100.55549 &gt; 192.168.1.240.3128 : proto TCP: S 200343029:200343029(0) win 65535 checksum : 3935<br />0x0000: 4500 0030 2e89 4000 8006 479a c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d8fd 0c38 0bf0 fdf5 0000 0000 .......8........<br />0x0020: 7002 ffff 0f5f 0000 0204 05b4 0101 0402 p...._..........<br />Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55549 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:44 0110021 IP 192.168.1.100.55539 &gt; 192.168.1.240.3128 : proto TCP: S 3638825863:3638825863(0) win 8192 checksum : 3299<br />0x0000: 4500 0030 5ca6 4000 8006 197d c0a8 0164 E..0\.@....}...d<br />0x0010: c0a8 01f0 d8f3 0c38 d8e4 1387 0000 0000 .......8........<br />0x0020: 7002 2000 0ce3 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55539 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:44 0110021 IP 192.168.1.100.55540 &gt; 192.168.1.240.3128 : proto TCP: S 1406539676:1406539676(0) win 8192 checksum : 36315<br />0x0000: 4500 0030 0e4d 4000 8006 67d6 c0a8 0164 E..0.M@...g....d<br />0x0010: c0a8 01f0 d8f4 0c38 53d6 179c 0000 0000 .......8S.......<br />0x0020: 7002 2000 8ddb 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55540 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:44 0110021 IP 192.168.1.100.55541 &gt; 192.168.1.240.3128 : proto TCP: S 1304003166:1304003166(0) win 8192 checksum : 10549<br />0x0000: 4500 0030 3ad1 4000 8006 3b52 c0a8 0164 E..0:.@...;R...d<br />0x0010: c0a8 01f0 d8f5 0c38 4db9 825e 0000 0000 .......8M..^....<br />0x0020: 7002 2000 2935 0000 0204 05b4 0101 0402 p...)5..........<br />Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55541 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664487360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:44 0110021 IP 192.168.1.100.55542 &gt; 172.16.100.1.63000 : proto TCP: S 1833238893:1833238893(0) win 8192 checksum : 21311<br />0x0000: 4500 0030 46d0 4000 7f06 e2d9 c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d8f6 f618 6d45 016d 0000 0000 ..d.....mE.m....<br />0x0020: 7002 2000 533f 0000 0204 05b4 0101 0402 p...S?..........<br />Date=2016-07-22 Time=08:31:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55542 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664487360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:46 0110021 IP 192.168.1.100.55552 &gt; 172.16.100.1.63000 : proto TCP: S 708867795:708867795(0) win 8192 checksum : 3269<br />0x0000: 4500 0034 46d1 4000 7f06 e2d4 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d900 f618 2a40 76d3 0000 0000 ..d.....*@v.....<br />0x0020: 8002 2000 0cc5 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:46 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55552 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2845349760 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:47 0110021 IP 192.168.1.100.55555 &gt; 10.10.0.10.2172 : proto TCP: S 784113761:784113761(0) win 8192 checksum : 53842<br />0x0000: 4500 0034 2a1a 4000 7f06 058a c0a8 0164 E..4*.@........d<br />0x0010: 0a0a 000a d903 087c 2ebc a061 0000 0000 .......|...a....<br />0x0020: 8002 2000 d252 0000 0204 05b4 0103 0308 .....R..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.10 l4_protocol=TCP source_port=55555 dest_port=2172 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3665591104 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:47 0110021 IP 192.168.1.100.55556 &gt; 192.168.1.240.3128 : proto TCP: S 3318257868:3318257868(0) win 65535 checksum : 42649<br />0x0000: 4500 0034 2e8a 4000 8006 4795 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d904 0c38 c5c8 98cc 0000 0000 .......8........<br />0x0020: 8002 ffff a699 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55556 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591104 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:47 0110021 IP 192.168.1.100.55557 &gt; 192.168.1.240.3128 : proto TCP: S 3145586173:3145586173(0) win 65535 checksum : 29618<br />0x0000: 4500 0034 2e8b 4000 8006 4794 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d905 0c38 bb7d d5fd 0000 0000 .......8.}......<br />0x0020: 8002 ffff 73b2 0000 0204 05b4 0103 0308 ....s...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55557 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591104 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:48 0110021 IP 192.168.1.100.55558 &gt; 192.168.1.240.3128 : proto TCP: S 2814865323:2814865323(0) win 65535 checksum : 60857<br />0x0000: 4500 0034 2e8c 4000 8006 4793 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d906 0c38 a7c7 6fab 0000 0000 .......8..o.....<br />0x0020: 8002 ffff edb9 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:48 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55558 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591104 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:48 0110021 IP 192.168.1.100.55556 &gt; 192.168.1.240.3128 : proto TCP: S 3318257868:3318257868(0) win 65535 checksum : 42649<br />0x0000: 4500 0034 2e8d 4000 8006 4792 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d904 0c38 c5c8 98cc 0000 0000 .......8........<br />0x0020: 8002 ffff a699 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:48 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55556 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2304414016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:48 0110021 IP 192.168.1.100.55557 &gt; 192.168.1.240.3128 : proto TCP: S 3145586173:3145586173(0) win 65535 checksum : 29618<br />0x0000: 4500 0034 2e8e 4000 8006 4791 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d905 0c38 bb7d d5fd 0000 0000 .......8.}......<br />0x0020: 8002 ffff 73b2 0000 0204 05b4 0103 0308 ....s...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:48 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55557 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2304414016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:49 0110021 IP 192.168.1.100.55558 &gt; 192.168.1.240.3128 : proto TCP: S 2814865323:2814865323(0) win 65535 checksum : 60857<br />0x0000: 4500 0034 2e8f 4000 8006 4790 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d906 0c38 a7c7 6fab 0000 0000 .......8..o.....<br />0x0020: 8002 ffff edb9 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:49 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55558 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2304414016 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:50 0110021 IP 192.168.1.100.55555 &gt; 10.10.0.10.2172 : proto TCP: S 784113761:784113761(0) win 8192 checksum : 53842<br />0x0000: 4500 0034 2a1b 4000 7f06 0589 c0a8 0164 E..4*.@........d<br />0x0010: 0a0a 000a d903 087c 2ebc a061 0000 0000 .......|...a....<br />0x0020: 8002 2000 d252 0000 0204 05b4 0103 0308 .....R..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.10 l4_protocol=TCP source_port=55555 dest_port=2172 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664486400 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:50 0110021 IP 192.168.1.100.55556 &gt; 192.168.1.240.3128 : proto TCP: S 3318257868:3318257868(0) win 65535 checksum : 47784<br />0x0000: 4500 0030 2e90 4000 8006 4793 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d904 0c38 c5c8 98cc 0000 0000 .......8........<br />0x0020: 7002 ffff baa8 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55556 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486400 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:50 0110021 IP 192.168.1.100.55557 &gt; 192.168.1.240.3128 : proto TCP: S 3145586173:3145586173(0) win 65535 checksum : 34753<br />0x0000: 4500 0030 2e91 4000 8006 4792 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d905 0c38 bb7d d5fd 0000 0000 .......8.}......<br />0x0020: 7002 ffff 87c1 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55557 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486400 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:51 0110021 IP 192.168.1.100.55558 &gt; 192.168.1.240.3128 : proto TCP: S 2814865323:2814865323(0) win 65535 checksum : 457<br />0x0000: 4500 0030 2e92 4000 8006 4791 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d906 0c38 a7c7 6fab 0000 0000 .......8..o.....<br />0x0020: 7002 ffff 01c9 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:51 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55558 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664486400 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:52 0110021 IP 192.168.1.100.55552 &gt; 172.16.100.1.63000 : proto TCP: S 708867795:708867795(0) win 8192 checksum : 8404<br />0x0000: 4500 0030 46d2 4000 7f06 e2d7 c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d900 f618 2a40 76d3 0000 0000 ..d.....*@v.....<br />0x0020: 7002 2000 20d4 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:52 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55552 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664486400 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:52 0102021 IP 192.168.1.100.55299 &gt; 204.79.197.200.443 : proto TCP: R 816133676:816133676(0) checksum : 29412<br />0x0000: 4500 0028 2e93 0000 8006 b818 c0a8 0164 E..(...........d<br />0x0010: cc4f c5c8 d803 01bb 30a5 362c 463d 61fa .O......0.6,F=a.<br />0x0020: 5014 0000 72e4 0000 0000 0000 0000 P...r.........<br />Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55299 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:52 0102021 IP 192.168.1.100.55302 &gt; 204.79.197.200.443 : proto TCP: R 2431775253:2431775253(0) checksum : 795<br />0x0000: 4500 0028 2e94 0000 8006 b817 c0a8 0164 E..(...........d<br />0x0010: cc4f c5c8 d806 01bb 90f1 f215 b8f5 42d2 .O............B.<br />0x0020: 5014 0000 031b 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55302 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:52 0102021 IP 192.168.1.100.55300 &gt; 204.79.197.200.443 : proto TCP: R 1719719810:1719719810(0) checksum : 39404<br />0x0000: 4500 0028 2e96 0000 8006 b815 c0a8 0164 E..(...........d<br />0x0010: cc4f c5c8 d804 01bb 6680 d782 f8e2 b119 .O......f.......<br />0x0020: 5014 0000 99ec 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55300 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:52 0102021 IP 192.168.1.100.55301 &gt; 204.79.197.200.443 : proto TCP: R 2078619922:2078619922(0) checksum : 29638<br />0x0000: 4500 0028 2e95 0000 8006 b816 c0a8 0164 E..(...........d<br />0x0010: cc4f c5c8 d805 01bb 7be5 3912 3519 2414 .O......{.9.5.$.<br />0x0020: 5014 0000 73c6 0000 0000 0000 0000 P...s.........<br />Date=2016-07-22 Time=08:31:52 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=204.79.197.200 l4_protocol=TCP source_port=55301 dest_port=443 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:52 0110021 IP 192.168.1.100.55561 &gt; 192.168.1.240.3128 : proto TCP: S 1633958986:1633958986(0) win 65535 checksum : 26491<br />0x0000: 4500 0034 2e97 4000 8006 4788 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d909 0c38 6164 3c4a 0000 0000 .......8ad&lt;J....<br />0x0020: 8002 ffff 677b 0000 0204 05b4 0103 0308 ....g{..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:52 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55561 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664488320 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:53 0110021 IP 192.168.1.100.55562 &gt; 192.168.1.240.3128 : proto TCP: S 1352632981:1352632981(0) win 8192 checksum : 2548<br />0x0000: 4500 0034 18c2 4000 8006 5d5d c0a8 0164 E..4..@...]]...d<br />0x0010: c0a8 01f0 d90a 0c38 509f 8a95 0000 0000 .......8P.......<br />0x0020: 8002 2000 09f4 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55562 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664488320 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:53 0110021 IP 192.168.1.100.55563 &gt; 192.168.1.240.3128 : proto TCP: S 2490719878:2490719878(0) win 8192 checksum : 61995<br />0x0000: 4500 0034 1380 4000 8006 629f c0a8 0164 E..4..@...b....d<br />0x0010: c0a8 01f0 d90b 0c38 9475 5e86 0000 0000 .......8.u^.....<br />0x0020: 8002 2000 f22b 0000 0204 05b4 0103 0308 .....+..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55563 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696451328 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:53 0110021 IP 192.168.1.100.55561 &gt; 192.168.1.240.3128 : proto TCP: S 1633958986:1633958986(0) win 65535 checksum : 26491<br />0x0000: 4500 0034 2e98 4000 8006 4787 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d909 0c38 6164 3c4a 0000 0000 .......8ad&lt;J....<br />0x0020: 8002 ffff 677b 0000 0204 05b4 0103 0308 ....g{..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55561 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696451328 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:54 0110021 IP 192.168.1.100.55564 &gt; 192.168.1.240.3128 : proto TCP: S 3606053714:3606053714(0) win 65535 checksum : 10980<br />0x0000: 4500 0034 2e99 4000 8006 4786 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d90c 0c38 d6f0 0352 0000 0000 .......8...R....<br />0x0020: 8002 ffff 2ae4 0000 0204 05b4 0103 0308 ....*...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:54 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55564 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963451904 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:55 0110021 IP 192.168.1.100.55565 &gt; 192.168.1.240.3128 : proto TCP: S 3622975082:3622975082(0) win 65535 checksum : 63176<br />0x0000: 4500 0034 2e9a 4000 8006 4785 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d90d 0c38 d7f2 366a 0000 0000 .......8..6j....<br />0x0020: 8002 ffff f6c8 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55565 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:55 0110021 IP 192.168.1.100.55566 &gt; 10.10.0.11.445 : proto TCP: S 1803105247:1803105247(0) win 8192 checksum : 2251<br />0x0000: 4500 0034 5064 4000 7f06 df3e c0a8 0164 E..4Pd@....&gt;...d<br />0x0010: 0a0a 000b d90e 01bd 6b79 33df 0000 0000 ........ky3.....<br />0x0020: 8002 2000 08cb 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55566 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3963450624 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:55 0110021 IP 192.168.1.100.55561 &gt; 192.168.1.240.3128 : proto TCP: S 1633958986:1633958986(0) win 65535 checksum : 31626<br />0x0000: 4500 0030 2e9b 4000 8006 4788 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d909 0c38 6164 3c4a 0000 0000 .......8ad&lt;J....<br />0x0020: 7002 ffff 7b8a 0000 0204 05b4 0101 0402 p...{...........<br />Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55561 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:55 0110021 IP 192.168.1.100.55564 &gt; 192.168.1.240.3128 : proto TCP: S 3606053714:3606053714(0) win 65535 checksum : 10980<br />0x0000: 4500 0034 2e9c 4000 8006 4783 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d90c 0c38 d6f0 0352 0000 0000 .......8...R....<br />0x0020: 8002 ffff 2ae4 0000 0204 05b4 0103 0308 ....*...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:55 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55564 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:56 0110021 IP 192.168.1.100.55565 &gt; 192.168.1.240.3128 : proto TCP: S 3622975082:3622975082(0) win 65535 checksum : 63176<br />0x0000: 4500 0034 2e9d 4000 8006 4782 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d90d 0c38 d7f2 366a 0000 0000 .......8..6j....<br />0x0020: 8002 ffff f6c8 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55565 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963450624 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:56 0110021 IP 192.168.1.100.55567 &gt; 172.16.100.1.63000 : proto TCP: S 2719993823:2719993823(0) win 8192 checksum : 15306<br />0x0000: 4500 0034 46d3 4000 7f06 e2d2 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d90f f618 a21f cfdf 0000 0000 ..d.............<br />0x0020: 8002 2000 3bca 0000 0204 05b4 0103 0308 ....;...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55567 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3664698176 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:56 0110021 IP 192.168.1.100.55562 &gt; 192.168.1.240.3128 : proto TCP: S 1352632981:1352632981(0) win 8192 checksum : 2548<br />0x0000: 4500 0034 18c9 4000 8006 5d56 c0a8 0164 E..4..@...]V...d<br />0x0010: c0a8 01f0 d90a 0c38 509f 8a95 0000 0000 .......8P.......<br />0x0020: 8002 2000 09f4 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55562 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:56 0110021 IP 192.168.1.100.55563 &gt; 192.168.1.240.3128 : proto TCP: S 2490719878:2490719878(0) win 8192 checksum : 61995<br />0x0000: 4500 0034 1381 4000 8006 629e c0a8 0164 E..4..@...b....d<br />0x0010: c0a8 01f0 d90b 0c38 9475 5e86 0000 0000 .......8.u^.....<br />0x0020: 8002 2000 f22b 0000 0204 05b4 0103 0308 .....+..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55563 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:56 0110021 IP 192.168.1.100.55555 &gt; 10.10.0.10.2172 : proto TCP: S 784113761:784113761(0) win 8192 checksum : 58977<br />0x0000: 4500 0030 2a20 4000 7f06 0588 c0a8 0164 E..0*.@........d<br />0x0010: 0a0a 000a d903 087c 2ebc a061 0000 0000 .......|...a....<br />0x0020: 7002 2000 e661 0000 0204 05b4 0101 0402 p....a..........<br />Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.10 l4_protocol=TCP source_port=55555 dest_port=2172 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664698176 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:56 0110021 IP 192.168.1.100.55570 &gt; 192.168.1.240.3128 : proto TCP: S 2250717763:2250717763(0) win 8192 checksum : 9398<br />0x0000: 4500 0034 6625 4000 8006 0ffa c0a8 0164 E..4f%@........d<br />0x0010: c0a8 01f0 d912 0c38 8627 3a43 0000 0000 .......8.&#39;:C....<br />0x0020: 8002 2000 24b6 0000 0204 05b4 0103 0308 ....$...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55570 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:57 0110021 IP 192.168.1.100.55571 &gt; 192.168.1.240.3128 : proto TCP: S 1265247014:1265247014(0) win 8192 checksum : 30351<br />0x0000: 4500 0034 6626 4000 8006 0ff9 c0a8 0164 E..4f&amp;@........d<br />0x0010: c0a8 01f0 d913 0c38 4b6a 2326 0000 0000 .......8Kj#&amp;....<br />0x0020: 8002 2000 768f 0000 0204 05b4 0103 0308 ....v...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55571 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698176 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:57 0110021 IP 192.168.1.100.55572 &gt; 192.168.1.240.3128 : proto TCP: S 2964374867:2964374867(0) win 65535 checksum : 36634<br />0x0000: 4500 0034 2e9e 4000 8006 4781 c0a8 0164 E..4..@...G....d<br />0x0010: c0a8 01f0 d914 0c38 b0b0 c553 0000 0000 .......8...S....<br />0x0020: 8002 ffff 8f1a 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55572 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:57 0110021 IP 192.168.1.100.55564 &gt; 192.168.1.240.3128 : proto TCP: S 3606053714:3606053714(0) win 65535 checksum : 16115<br />0x0000: 4500 0030 2e9f 4000 8006 4784 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d90c 0c38 d6f0 0352 0000 0000 .......8...R....<br />0x0020: 7002 ffff 3ef3 0000 0204 05b4 0101 0402 p...&gt;...........<br />Date=2016-07-22 Time=08:31:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55564 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:58 0110021 IP 192.168.1.100.55565 &gt; 192.168.1.240.3128 : proto TCP: S 3622975082:3622975082(0) win 65535 checksum : 2776<br />0x0000: 4500 0030 2ea0 4000 8006 4783 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d90d 0c38 d7f2 366a 0000 0000 .......8..6j....<br />0x0020: 7002 ffff 0ad8 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:31:58 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55565 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:58 0110021 IP 192.168.1.100.55566 &gt; 10.10.0.11.445 : proto TCP: S 1803105247:1803105247(0) win 8192 checksum : 2251<br />0x0000: 4500 0034 5069 4000 7f06 df39 c0a8 0164 E..4Pi@....9...d<br />0x0010: 0a0a 000b d90e 01bd 6b79 33df 0000 0000 ........ky3.....<br />0x0020: 8002 2000 08cb 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:58 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55566 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=3664698816 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:58 0110021 IP 192.168.1.100.55572 &gt; 192.168.1.240.3128 : proto TCP: S 2964374867:2964374867(0) win 65535 checksum : 36634<br />0x0000: 4500 0034 2ea1 4000 8006 477e c0a8 0164 E..4..@...G~...d<br />0x0010: c0a8 01f0 d914 0c38 b0b0 c553 0000 0000 .......8...S....<br />0x0020: 8002 ffff 8f1a 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:58 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55572 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664698816 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:59 0110021 IP 192.168.1.100.55567 &gt; 172.16.100.1.63000 : proto TCP: S 2719993823:2719993823(0) win 8192 checksum : 15306<br />0x0000: 4500 0034 46d4 4000 7f06 e2d1 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d90f f618 a21f cfdf 0000 0000 ..d.............<br />0x0020: 8002 2000 3bca 0000 0204 05b4 0103 0308 ....;...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:59 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55567 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4081054016 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:31:59 0110021 IP 192.168.1.100.55570 &gt; 192.168.1.240.3128 : proto TCP: S 2250717763:2250717763(0) win 8192 checksum : 9398<br />0x0000: 4500 0034 6627 4000 8006 0ff8 c0a8 0164 E..4f&#39;@........d<br />0x0010: c0a8 01f0 d912 0c38 8627 3a43 0000 0000 .......8.&#39;:C....<br />0x0020: 8002 2000 24b6 0000 0204 05b4 0103 0308 ....$...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:31:59 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55570 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081054976 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:00 0110021 IP 192.168.1.100.55571 &gt; 192.168.1.240.3128 : proto TCP: S 1265247014:1265247014(0) win 8192 checksum : 30351<br />0x0000: 4500 0034 6628 4000 8006 0ff7 c0a8 0164 E..4f(@........d<br />0x0010: c0a8 01f0 d913 0c38 4b6a 2326 0000 0000 .......8Kj#&amp;....<br />0x0020: 8002 2000 768f 0000 0204 05b4 0103 0308 ....v...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:00 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55571 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4081054976 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:00 0110021 IP 192.168.1.100.55572 &gt; 192.168.1.240.3128 : proto TCP: S 2964374867:2964374867(0) win 65535 checksum : 41769<br />0x0000: 4500 0030 2ea2 4000 8006 4781 c0a8 0164 E..0..@...G....d<br />0x0010: c0a8 01f0 d914 0c38 b0b0 c553 0000 0000 .......8...S....<br />0x0020: 7002 ffff a329 0000 0204 05b4 0101 0402 p....)..........<br />Date=2016-07-22 Time=08:32:00 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55572 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696452928 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:02 0110021 IP 192.168.1.100.55575 &gt; 192.168.1.240.3128 : proto TCP: S 2500516977:2500516977(0) win 65535 checksum : 37791<br />0x0000: 4500 0034 2ea3 4000 8006 477c c0a8 0164 E..4..@...G|...d<br />0x0010: c0a8 01f0 d917 0c38 950a dc71 0000 0000 .......8...q....<br />0x0020: 8002 ffff 939f 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55575 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:02 0110021 IP 192.168.1.100.55562 &gt; 192.168.1.240.3128 : proto TCP: S 1352632981:1352632981(0) win 8192 checksum : 7683<br />0x0000: 4500 0030 18d3 4000 8006 5d50 c0a8 0164 E..0..@...]P...d<br />0x0010: c0a8 01f0 d90a 0c38 509f 8a95 0000 0000 .......8P.......<br />0x0020: 7002 2000 1e03 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55562 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:02 0110021 IP 192.168.1.100.55563 &gt; 192.168.1.240.3128 : proto TCP: S 2490719878:2490719878(0) win 8192 checksum : 1595<br />0x0000: 4500 0030 1382 4000 8006 62a1 c0a8 0164 E..0..@...b....d<br />0x0010: c0a8 01f0 d90b 0c38 9475 5e86 0000 0000 .......8.u^.....<br />0x0020: 7002 2000 063b 0000 0204 05b4 0101 0402 p....;..........<br />Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55563 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:02 0110021 IP 192.168.1.100.55576 &gt; 192.168.1.240.3128 : proto TCP: S 4091948502:4091948502(0) win 65535 checksum : 58205<br />0x0000: 4500 0034 2ea4 4000 8006 477b c0a8 0164 E..4..@...G{...d<br />0x0010: c0a8 01f0 d918 0c38 f3e6 2dd6 0000 0000 .......8..-.....<br />0x0020: 8002 ffff e35d 0000 0204 05b4 0103 0308 .....]..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:02 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55576 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:03 0110021 IP 192.168.1.100.55575 &gt; 192.168.1.240.3128 : proto TCP: S 2500516977:2500516977(0) win 65535 checksum : 37791<br />0x0000: 4500 0034 2ea5 4000 8006 477a c0a8 0164 E..4..@...Gz...d<br />0x0010: c0a8 01f0 d917 0c38 950a dc71 0000 0000 .......8...q....<br />0x0020: 8002 ffff 939f 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:03 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55575 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:03 0110021 IP 192.168.1.100.55576 &gt; 192.168.1.240.3128 : proto TCP: S 4091948502:4091948502(0) win 65535 checksum : 58205<br />0x0000: 4500 0034 2ea6 4000 8006 4779 c0a8 0164 E..4..@...Gy...d<br />0x0010: c0a8 01f0 d918 0c38 f3e6 2dd6 0000 0000 .......8..-.....<br />0x0020: 8002 ffff e35d 0000 0204 05b4 0103 0308 .....]..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:03 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55576 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:04 0110021 IP 192.168.1.100.55566 &gt; 10.10.0.11.445 : proto TCP: S 1803105247:1803105247(0) win 8192 checksum : 7386<br />0x0000: 4500 0030 5072 4000 7f06 df34 c0a8 0164 E..0Pr@....4...d<br />0x0010: 0a0a 000b d90e 01bd 6b79 33df 0000 0000 ........ky3.....<br />0x0020: 7002 2000 1cda 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:04 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortA.10 inzone_id=1 outzone_id=7 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=10.10.0.11 l4_protocol=TCP source_port=55566 dest_port=445 fw_rule_id=18 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=2570599232 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:05 0110021 IP 192.168.1.100.55575 &gt; 192.168.1.240.3128 : proto TCP: S 2500516977:2500516977(0) win 65535 checksum : 42926<br />0x0000: 4500 0030 2ea7 4000 8006 477c c0a8 0164 E..0..@...G|...d<br />0x0010: c0a8 01f0 d917 0c38 950a dc71 0000 0000 .......8...q....<br />0x0020: 7002 ffff a7ae 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55575 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570599232 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:05 0110021 IP 192.168.1.100.55567 &gt; 172.16.100.1.63000 : proto TCP: S 2719993823:2719993823(0) win 8192 checksum : 20441<br />0x0000: 4500 0030 46d5 4000 7f06 e2d4 c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d90f f618 a21f cfdf 0000 0000 ..d.............<br />0x0020: 7002 2000 4fd9 0000 0204 05b4 0101 0402 p...O...........<br />Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55567 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2570599232 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:05 0110021 IP 192.168.1.100.55570 &gt; 192.168.1.240.3128 : proto TCP: S 2250717763:2250717763(0) win 8192 checksum : 14533<br />0x0000: 4500 0030 6629 4000 8006 0ffa c0a8 0164 E..0f)@........d<br />0x0010: c0a8 01f0 d912 0c38 8627 3a43 0000 0000 .......8.&#39;:C....<br />0x0020: 7002 2000 38c5 0000 0204 05b4 0101 0402 p...8...........<br />Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55570 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:05 0110021 IP 192.168.1.100.55576 &gt; 192.168.1.240.3128 : proto TCP: S 4091948502:4091948502(0) win 65535 checksum : 63340<br />0x0000: 4500 0030 2ea8 4000 8006 477b c0a8 0164 E..0..@...G{...d<br />0x0010: c0a8 01f0 d918 0c38 f3e6 2dd6 0000 0000 .......8..-.....<br />0x0020: 7002 ffff f76c 0000 0204 05b4 0101 0402 p....l..........<br />Date=2016-07-22 Time=08:32:05 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55576 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:06 0110021 IP 192.168.1.100.55571 &gt; 192.168.1.240.3128 : proto TCP: S 1265247014:1265247014(0) win 8192 checksum : 35486<br />0x0000: 4500 0030 662a 4000 8006 0ff9 c0a8 0164 E..0f*@........d<br />0x0010: c0a8 01f0 d913 0c38 4b6a 2326 0000 0000 .......8Kj#&amp;....<br />0x0020: 7002 2000 8a9e 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:06 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55571 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570345600 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:07 0110021 IP 192.168.1.100.55579 &gt; 192.168.1.240.3128 : proto TCP: S 3993585777:3993585777(0) win 65535 checksum : 52892<br />0x0000: 4500 0034 2ea9 4000 8006 4776 c0a8 0164 E..4..@...Gv...d<br />0x0010: c0a8 01f0 d91b 0c38 ee09 4871 0000 0000 .......8..Hq....<br />0x0020: 8002 ffff ce9c 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:07 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55579 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2845348480 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:08 0110021 IP 192.168.1.100.55579 &gt; 192.168.1.240.3128 : proto TCP: S 3993585777:3993585777(0) win 65535 checksum : 52892<br />0x0000: 4500 0034 2eaa 4000 8006 4775 c0a8 0164 E..4..@...Gu...d<br />0x0010: c0a8 01f0 d91b 0c38 ee09 4871 0000 0000 .......8..Hq....<br />0x0020: 8002 ffff ce9c 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:08 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55579 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3665591424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:10 0110021 IP 192.168.1.100.55579 &gt; 192.168.1.240.3128 : proto TCP: S 3993585777:3993585777(0) win 65535 checksum : 58027<br />0x0000: 4500 0030 2eab 4000 8006 4778 c0a8 0164 E..0..@...Gx...d<br />0x0010: c0a8 01f0 d91b 0c38 ee09 4871 0000 0000 .......8..Hq....<br />0x0020: 7002 ffff e2ab 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:10 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55579 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3963452864 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:12 0110021 IP 192.168.1.100.55583 &gt; 172.16.100.1.63000 : proto TCP: S 1838079112:1838079112(0) win 8192 checksum : 25506<br />0x0000: 4500 0034 46d6 4000 7f06 e2cf c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d91f f618 6d8e dc88 0000 0000 ..d.....m.......<br />0x0020: 8002 2000 63a2 0000 0204 05b4 0103 0308 ....c...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:12 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55583 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2845348160 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:14 0110021 IP 192.168.1.100.55584 &gt; 192.168.1.240.3128 : proto TCP: S 2269919041:2269919041(0) win 8192 checksum : 9861<br />0x0000: 4500 0034 572a 4000 8006 1ef5 c0a8 0164 E..4W*@........d<br />0x0010: c0a8 01f0 d920 0c38 874c 3741 0000 0000 .......8.L7A....<br />0x0020: 8002 2000 2685 0000 0204 05b4 0103 0308 ....&amp;...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:14 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55584 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2240260288 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:15 0110021 IP 192.168.1.100.55583 &gt; 172.16.100.1.63000 : proto TCP: S 1838079112:1838079112(0) win 8192 checksum : 25506<br />0x0000: 4500 0034 46d7 4000 7f06 e2ce c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d91f f618 6d8e dc88 0000 0000 ..d.....m.......<br />0x0020: 8002 2000 63a2 0000 0204 05b4 0103 0308 ....c...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:15 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55583 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2240261568 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:15 0110021 IP 192.168.1.100.55592 &gt; 192.168.1.240.3128 : proto TCP: S 1912137160:1912137160(0) win 8192 checksum : 36169<br />0x0000: 4500 0034 662b 4000 8006 0ff4 c0a8 0164 E..4f+@........d<br />0x0010: c0a8 01f0 d928 0c38 71f8 e5c8 0000 0000 .....(.8q.......<br />0x0020: 8002 2000 8d49 0000 0204 05b4 0103 0308 .....I..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:15 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55592 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2240261568 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:16 0102021 IP 192.168.1.100.55367 &gt; 52.88.10.131.80 : proto TCP: R 2546870546:2546870546(0) checksum : 5960<br />0x0000: 4500 0028 31c9 0000 8006 0820 c0a8 0164 E..(1..........d<br />0x0010: 3458 0a83 d847 0050 97ce 2912 7213 8c15 4X...G.P..).r...<br />0x0020: 5014 0000 1748 0000 0000 0000 0000 P....H........<br />Date=2016-07-22 Time=08:32:16 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=52.88.10.131 l4_protocol=TCP source_port=55367 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:17 0110021 IP 192.168.1.100.55595 &gt; 172.16.100.1.63000 : proto TCP: S 3354579296:3354579296(0) win 8192 checksum : 5210<br />0x0000: 4500 0034 46d8 4000 7f06 e2cd c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d92b f618 c7f2 d160 0000 0000 ..d..+.....`....<br />0x0020: 8002 2000 145a 0000 0204 05b4 0103 0308 .....Z..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:17 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55595 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3961141760 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:17 0110021 IP 192.168.1.100.55596 &gt; 192.168.1.240.3128 : proto TCP: S 3444052336:3444052336(0) win 8192 checksum : 1614<br />0x0000: 4500 0034 68f4 4000 8006 0d2b c0a8 0164 E..4h.@....+...d<br />0x0010: c0a8 01f0 d92c 0c38 cd48 1170 0000 0000 .....,.8.H.p....<br />0x0020: 8002 2000 064e 0000 0204 05b4 0103 0308 .....N..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:17 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55596 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3961141120 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:18 0110021 IP 192.168.1.100.55597 &gt; 192.168.1.240.3128 : proto TCP: S 4080692256:4080692256(0) win 8192 checksum : 34218<br />0x0000: 4500 0034 68f5 4000 8006 0d2a c0a8 0164 E..4h.@....*...d<br />0x0010: c0a8 01f0 d92d 0c38 f33a 6c20 0000 0000 .....-.8.:l.....<br />0x0020: 8002 2000 85aa 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:18 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55597 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3961141120 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:18 0110021 IP 192.168.1.100.55592 &gt; 192.168.1.240.3128 : proto TCP: S 1912137160:1912137160(0) win 8192 checksum : 36169<br />0x0000: 4500 0034 662e 4000 8006 0ff1 c0a8 0164 E..4f.@........d<br />0x0010: c0a8 01f0 d928 0c38 71f8 e5c8 0000 0000 .....(.8q.......<br />0x0020: 8002 2000 8d49 0000 0204 05b4 0103 0308 .....I..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:18 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55592 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2395481024 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:20 0110021 IP 192.168.1.100.55595 &gt; 172.16.100.1.63000 : proto TCP: S 3354579296:3354579296(0) win 8192 checksum : 5210<br />0x0000: 4500 0034 46d9 4000 7f06 e2cc c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d92b f618 c7f2 d160 0000 0000 ..d..+.....`....<br />0x0020: 8002 2000 145a 0000 0204 05b4 0103 0308 .....Z..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:20 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55595 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3663553472 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:20 0110021 IP 192.168.1.100.55596 &gt; 192.168.1.240.3128 : proto TCP: S 3444052336:3444052336(0) win 8192 checksum : 1614<br />0x0000: 4500 0034 68f7 4000 8006 0d28 c0a8 0164 E..4h.@....(...d<br />0x0010: c0a8 01f0 d92c 0c38 cd48 1170 0000 0000 .....,.8.H.p....<br />0x0020: 8002 2000 064e 0000 0204 05b4 0103 0308 .....N..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:20 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55596 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2567264768 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:21 0110021 IP 192.168.1.100.55597 &gt; 192.168.1.240.3128 : proto TCP: S 4080692256:4080692256(0) win 8192 checksum : 34218<br />0x0000: 4500 0034 68f8 4000 8006 0d27 c0a8 0164 E..4h.@....&#39;...d<br />0x0010: c0a8 01f0 d92d 0c38 f33a 6c20 0000 0000 .....-.8.:l.....<br />0x0020: 8002 2000 85aa 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:21 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55597 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2567264768 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:21 0102021 IP 192.168.1.100.55378 &gt; 52.72.102.104.80 : proto TCP: R 3519972575:3519972575(0) checksum : 50901<br />0x0000: 4500 0028 1769 0000 8006 c6aa c0a8 0164 E..(.i.........d<br />0x0010: 3448 6668 d852 0050 d1ce 84df 0737 55b6 4Hfh.R.P.....7U.<br />0x0020: 5014 0000 c6d5 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:32:21 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=52.72.102.104 l4_protocol=TCP source_port=55378 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:21 0110021 IP 192.168.1.100.55583 &gt; 172.16.100.1.63000 : proto TCP: S 1838079112:1838079112(0) win 8192 checksum : 30641<br />0x0000: 4500 0030 46da 4000 7f06 e2cf c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d91f f618 6d8e dc88 0000 0000 ..d.....m.......<br />0x0020: 7002 2000 77b1 0000 0204 05b4 0101 0402 p...w...........<br />Date=2016-07-22 Time=08:32:21 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55583 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2974437696 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:22 0102021 IP 192.168.1.100.55382 &gt; 52.72.102.104.80 : proto TCP: R 1413927265:1413927265(0) checksum : 11777<br />0x0000: 4500 0028 176a 0000 8006 c6a9 c0a8 0164 E..(.j.........d<br />0x0010: 3448 6668 d856 0050 5446 d161 6105 c5be 4Hfh.V.PTF.aa...<br />0x0020: 5014 0000 2e01 0000 0000 0000 0000 P.............<br />Date=2016-07-22 Time=08:32:22 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=0 outzone_id=0 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=52.72.102.104 l4_protocol=TCP source_port=55382 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:24 0110021 IP 192.168.1.100.55592 &gt; 192.168.1.240.3128 : proto TCP: S 1912137160:1912137160(0) win 8192 checksum : 41304<br />0x0000: 4500 0030 6631 4000 8006 0ff2 c0a8 0164 E..0f1@........d<br />0x0010: c0a8 01f0 d928 0c38 71f8 e5c8 0000 0000 .....(.8q.......<br />0x0020: 7002 2000 a158 0000 0204 05b4 0101 0402 p....X..........<br />Date=2016-07-22 Time=08:32:24 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55592 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696062528 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:26 0110021 IP 192.168.1.100.55595 &gt; 172.16.100.1.63000 : proto TCP: S 3354579296:3354579296(0) win 8192 checksum : 10345<br />0x0000: 4500 0030 46db 4000 7f06 e2ce c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d92b f618 c7f2 d160 0000 0000 ..d..+.....`....<br />0x0020: 7002 2000 2869 0000 0204 05b4 0101 0402 p...(i..........<br />Date=2016-07-22 Time=08:32:26 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55595 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3959902528 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:26 0110021 IP 192.168.1.100.55596 &gt; 192.168.1.240.3128 : proto TCP: S 3444052336:3444052336(0) win 8192 checksum : 6749<br />0x0000: 4500 0030 68fc 4000 8006 0d27 c0a8 0164 E..0h.@....&#39;...d<br />0x0010: c0a8 01f0 d92c 0c38 cd48 1170 0000 0000 .....,.8.H.p....<br />0x0020: 7002 2000 1a5d 0000 0204 05b4 0101 0402 p....]..........<br />Date=2016-07-22 Time=08:32:26 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55596 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3959904128 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:27 0110021 IP 192.168.1.100.55597 &gt; 192.168.1.240.3128 : proto TCP: S 4080692256:4080692256(0) win 8192 checksum : 39353<br />0x0000: 4500 0030 68fd 4000 8006 0d26 c0a8 0164 E..0h.@....&amp;...d<br />0x0010: c0a8 01f0 d92d 0c38 f33a 6c20 0000 0000 .....-.8.:l.....<br />0x0020: 7002 2000 99b9 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:27 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55597 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3959904128 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:33 0110021 IP 192.168.1.100.55604 &gt; 172.16.100.1.63000 : proto TCP: S 2981503844:2981503844(0) win 8192 checksum : 55433<br />0x0000: 4500 0034 46dc 4000 7f06 e2c9 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d934 f618 b1b6 2364 0000 0000 ..d..4....#d....<br />0x0020: 8002 2000 d889 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:33 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55604 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3663556032 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:36 0110021 IP 192.168.1.100.55604 &gt; 172.16.100.1.63000 : proto TCP: S 2981503844:2981503844(0) win 8192 checksum : 55433<br />0x0000: 4500 0034 46dd 4000 7f06 e2c8 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d934 f618 b1b6 2364 0000 0000 ..d..4....#d....<br />0x0020: 8002 2000 d889 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55604 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2570343360 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:36 0110021 IP 192.168.1.100.55605 &gt; 192.168.1.240.3128 : proto TCP: S 376496505:376496505(0) win 8192 checksum : 60691<br />0x0000: 4500 0034 68fe 4000 8006 0d21 c0a8 0164 E..4h.@....!...d<br />0x0010: c0a8 01f0 d935 0c38 1670 e179 0000 0000 .....5.8.p.y....<br />0x0020: 8002 2000 ed13 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:36 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55605 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2570343360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:38 0110021 IP 192.168.1.100.55608 &gt; 172.16.100.1.63000 : proto TCP: S 216627943:216627943(0) win 8192 checksum : 9680<br />0x0000: 4500 0034 46de 4000 7f06 e2c7 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d938 f618 0ce9 7ae7 0000 0000 ..d..8....z.....<br />0x0020: 8002 2000 25d0 0000 0204 05b4 0103 0308 ....%...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:38 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55608 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2240258048 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:39 0110021 IP 192.168.1.100.55605 &gt; 192.168.1.240.3128 : proto TCP: S 376496505:376496505(0) win 8192 checksum : 60691<br />0x0000: 4500 0034 68ff 4000 8006 0d20 c0a8 0164 E..4h.@........d<br />0x0010: c0a8 01f0 d935 0c38 1670 e179 0000 0000 .....5.8.p.y....<br />0x0020: 8002 2000 ed13 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:39 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55605 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2696359936 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:41 0110021 IP 192.168.1.100.55608 &gt; 172.16.100.1.63000 : proto TCP: S 216627943:216627943(0) win 8192 checksum : 9680<br />0x0000: 4500 0034 46df 4000 7f06 e2c6 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d938 f618 0ce9 7ae7 0000 0000 ..d..8....z.....<br />0x0020: 8002 2000 25d0 0000 0204 05b4 0103 0308 ....%...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:41 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55608 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2693609664 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:42 0110021 IP 192.168.1.100.55604 &gt; 172.16.100.1.63000 : proto TCP: S 2981503844:2981503844(0) win 8192 checksum : 60568<br />0x0000: 4500 0030 46e0 4000 7f06 e2c9 c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d934 f618 b1b6 2364 0000 0000 ..d..4....#d....<br />0x0020: 7002 2000 ec98 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55604 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=4079321728 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:42 0110021 IP 192.168.1.100.55611 &gt; 192.168.1.240.3128 : proto TCP: S 288967125:288967125(0) win 8192 checksum : 35305<br />0x0000: 4500 0034 6638 4000 8006 0fe7 c0a8 0164 E..4f8@........d<br />0x0010: c0a8 01f0 d93b 0c38 1139 49d5 0000 0000 .....;.8.9I.....<br />0x0020: 8002 2000 89e9 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:42 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55611 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4079321728 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:44 0110021 IP 192.168.1.100.55612 &gt; 192.168.1.240.3128 : proto TCP: S 1176912647:1176912647(0) win 8192 checksum : 23497<br />0x0000: 4500 0034 59ce 4000 8006 1c51 c0a8 0164 E..4Y.@....Q...d<br />0x0010: c0a8 01f0 d93c 0c38 4626 4307 0000 0000 .....&lt;.8F&amp;C.....<br />0x0020: 8002 2000 5bc9 0000 0204 05b4 0103 0308 ....[...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:44 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55612 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2568758848 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:45 0110021 IP 192.168.1.100.55611 &gt; 192.168.1.240.3128 : proto TCP: S 288967125:288967125(0) win 8192 checksum : 35305<br />0x0000: 4500 0034 6639 4000 8006 0fe6 c0a8 0164 E..4f9@........d<br />0x0010: c0a8 01f0 d93b 0c38 1139 49d5 0000 0000 .....;.8.9I.....<br />0x0020: 8002 2000 89e9 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:45 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55611 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3663456448 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:45 0110021 IP 192.168.1.100.55605 &gt; 192.168.1.240.3128 : proto TCP: S 376496505:376496505(0) win 8192 checksum : 291<br />0x0000: 4500 0030 6902 4000 8006 0d21 c0a8 0164 E..0i.@....!...d<br />0x0010: c0a8 01f0 d935 0c38 1670 e179 0000 0000 .....5.8.p.y....<br />0x0020: 7002 2000 0123 0000 0204 05b4 0101 0402 p....#..........<br />Date=2016-07-22 Time=08:32:45 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55605 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3663456448 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:47 0110021 IP 192.168.1.100.55612 &gt; 192.168.1.240.3128 : proto TCP: S 1176912647:1176912647(0) win 8192 checksum : 23497<br />0x0000: 4500 0034 59cf 4000 8006 1c50 c0a8 0164 E..4Y.@....P...d<br />0x0010: c0a8 01f0 d93c 0c38 4626 4307 0000 0000 .....&lt;.8F&amp;C.....<br />0x0020: 8002 2000 5bc9 0000 0204 05b4 0103 0308 ....[...........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55612 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3960901056 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:47 0110021 IP 192.168.1.100.55608 &gt; 172.16.100.1.63000 : proto TCP: S 216627943:216627943(0) win 8192 checksum : 14815<br />0x0000: 4500 0030 46e1 4000 7f06 e2c8 c0a8 0164 E..0F.@........d<br />0x0010: ac10 6401 d938 f618 0ce9 7ae7 0000 0000 ..d..8....z.....<br />0x0020: 7002 2000 39df 0000 0204 05b4 0101 0402 p...9...........<br />Date=2016-07-22 Time=08:32:47 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55608 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=3960901056 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:51 0110021 IP 192.168.1.100.55611 &gt; 192.168.1.240.3128 : proto TCP: S 288967125:288967125(0) win 8192 checksum : 40440<br />0x0000: 4500 0030 663b 4000 8006 0fe8 c0a8 0164 E..0f;@........d<br />0x0010: c0a8 01f0 d93b 0c38 1139 49d5 0000 0000 .....;.8.9I.....<br />0x0020: 7002 2000 9df8 0000 0204 05b4 0101 0402 p...............<br />Date=2016-07-22 Time=08:32:51 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55611 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2158529024 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:53 0110021 IP 192.168.1.100.55612 &gt; 192.168.1.240.3128 : proto TCP: S 1176912647:1176912647(0) win 8192 checksum : 28632<br />0x0000: 4500 0030 59d0 4000 8006 1c53 c0a8 0164 E..0Y.@....S...d<br />0x0010: c0a8 01f0 d93c 0c38 4626 4307 0000 0000 .....&lt;.8F&amp;C.....<br />0x0020: 7002 2000 6fd8 0000 0204 05b4 0101 0402 p...o...........<br />Date=2016-07-22 Time=08:32:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=55612 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2485415360 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:54 0110021 IP 192.168.1.100.55617 &gt; 172.16.100.1.63000 : proto TCP: S 1236350617:1236350617(0) win 8192 checksum : 11597<br />0x0000: 4500 0034 46e2 4000 7f06 e2c3 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d941 f618 49b1 3699 0000 0000 ..d..A..I.6.....<br />0x0020: 8002 2000 2d4d 0000 0204 05b4 0103 0308 ....-M..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:54 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55617 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2247897408 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-07-22 08:32:57 0110021 IP 192.168.1.100.55617 &gt; 172.16.100.1.63000 : proto TCP: S 1236350617:1236350617(0) win 8192 checksum : 11597<br />0x0000: 4500 0034 46e3 4000 7f06 e2c2 c0a8 0164 E..4F.@........d<br />0x0010: ac10 6401 d941 f618 49b1 3699 0000 0000 ..d..A..I.6.....<br />0x0020: 8002 2000 2d4d 0000 0204 05b4 0103 0308 ....-M..........<br />0x0030: 0101 0402 ....<br />Date=2016-07-22 Time=08:32:57 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev=PortE inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=172.16.100.1 l4_protocol=TCP source_port=55617 dest_port=63000 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=8 masterid=2977322880 status=0 state=256 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p></p> <p>CR100iNG_CA01_SFOS 15.01.0 MR-3# tail -f /log/access_server.log | grep nealb<br />DEBUG Jul 22 08:36:00 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jul 22 08:36:00 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jul 22 08:36:00 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jul 22 08:36:00 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1469192421, Groupid:5, MAC:&#39;&#39;, NAME:&#39;nealb@kb.local&#39;<br />DEBUG Jul 22 08:36:00 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:&#39;{ &quot;userids&quot;:[&quot;nealb@kb.local&quot;],&quot;uploaddata&quot;:[&quot;254186985680&quot;],&quot;downloaddata&quot;:[&quot;27217391412&quot;],&quot;cycleupload&quot;:[&quot;254186985680&quot;],&quot;cycledownload&quot;:[&quot;27217391412&quot;],&quot;usedminutes&quot;:[429291],&quot;cycleusedminutes&quot;:[429291],&quot;lastusedtime&quot;:[&quot;2016-07-22 08:35:59&quot;] }&#39;<br />DEBUG Jul 22 08:36:00 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { &quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;1786&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;ipaddress&quot;:&quot;10.10.0.11&quot;,&quot;setname&quot;:&quot;lusers&quot;, }<br />DEBUG Jul 22 08:36:02 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jul 22 08:36:02 [1987046208]: insert_escape_sequence: string to process nealb<br />DEBUG Jul 22 08:36:02 [1987046208]: insert_escape_sequence: after inserting escape seq nealb<br />INFO Jul 22 08:36:02 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb&#39;<br />INFO Jul 22 08:36:02 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jul 22 08:36:02 [1987046208]: adsauth_authenticate_user: &#39;10.10.0.10:389&#39;:(filter: &#39;(sAMAccountName=nealb)&#39;) USER found DN:&#39;CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local&#39;<br />DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = &#39;nealb@kb.local&#39; and usertype in (1, 2, 5, 8 )<br />DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_get_userinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_get_userinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jul 22 08:36:02 [1994390336]: pg_db_handle_get_userinfo: column:&#39;emailid&#39;, value:&#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jul 22 08:36:03 [1994390336]: get_email_attr: email Attr: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jul 22 08:36:03 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = &#39;nealb@kb.local&#39; and isactive &gt; 0<br />DEBUG Jul 22 08:36:03 [1997469440]: do_authorization_phase2: User:&#39;nealb@kb.local&#39;, Logincount:2<br />DEBUG Jul 22 08:36:03 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (1792, 8, &#39;nealb@kb.local&#39;, &#39;nealb@kb.local&#39;, &#39;nealb&#39;, &#39;10.10.0.11&#39;, 5, 3031812, 3031812, 1, 1, 1, 0, 1, 1, 0, &#39;2015-02-21&#39;, &#39;&#39;, 9, 2, &#39;&#39;, &#39;&#39;, 0)<br />INFO Jul 22 08:36:03 [1997469440]: handle_liveuser_insert: LIVE USER &#39;nealb@kb.local&#39; INSERTED<br />DEBUG Jul 22 08:36:03 [1984940864]: opcode_handle_login: OPCODE: JSON:&#39;{ &quot;groupid&quot;: [&quot;5&quot;,&quot;6&quot;],&quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;1792&quot;,&quot;ipaddress&quot;:&quot;10.10.0.11&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;webfilterid&quot;:&quot;Allow All&quot;,&quot;appfilterid&quot;:&quot;Allow All&quot;,&quot;starttime&quot;:&quot;3031812&quot;,&quot;clienttype&quot;:&quot;9&quot;,&quot;setname&quot;:&quot;lusers&quot;,&quot;addr_family&quot;:&quot;2&quot;,&quot;ismicroapp&quot;:&quot;0&quot;,&quot;authservername&quot;:&quot;&quot;,&quot;macaddress&quot;:&quot;&quot;,&quot;logintime&quot;:&quot;2016-07-22 08:36:03&quot; }&#39;</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/299987?ContentTypeID=1Thu, 30 Jun 2016 06:04:42 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:7c8b3eb5-28cc-4fc3-83de-e0f763ef6785NealBellamy<p>No we are not attempting to use the XG as a proxy. No steps are taken to resolve. It clears itself up in 30-60 seconds.&nbsp;</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/299953?ContentTypeID=1Thu, 30 Jun 2016 01:52:28 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:8fb4bf8a-5f82-41c4-89fb-5b5bd50038b3sachingurung<p>Hi Neal,</p> <p>Are you using XG as a proxy on port 3128? What steps do the users take to resolve the issue? Do they reauthenticate or the error seems to resolve itself automatically?&nbsp;</p> <p>I think we are misunderstanding the issue if the users are not getting logged out.</p> <p>Thanks</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/299763?ContentTypeID=1Tue, 28 Jun 2016 08:54:34 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:67f5ce94-6acc-4293-b9b1-bfdc2ecba506NealBellamy<p>It happened to me again this morning and I was able to catch it.&nbsp;</p> <p>Denied Packet Log:</p> <p></p> <p>console&gt; drop-packet-capture &quot;host 192.168.1.100 and proto TCP&quot;<br />2016-06-28 08:41:50 0110021 IP 192.168.1.100.65153 &gt; 192.168.1.240.3128 : proto TCP: S 948770365:948770365(0) win 8192 checksum : 28903<br />0x0000: 4500 0034 2448 4000 8006 51d7 c0a8 0164 E..4$H@...Q....d<br />0x0010: c0a8 01f0 fe81 0c38 388d 163d 0000 0000 .......88..=....<br />0x0020: 8002 2000 70e7 0000 0204 05b4 0103 0308 ....p...........<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:50 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65153 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2846791552 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:53 0110021 IP 192.168.1.100.65153 &gt; 192.168.1.240.3128 : proto TCP: S 948770365:948770365(0) win 8192 checksum : 28903<br />0x0000: 4500 0034 2449 4000 8006 51d6 c0a8 0164 E..4$I@...Q....d<br />0x0010: c0a8 01f0 fe81 0c38 388d 163d 0000 0000 .......88..=....<br />0x0020: 8002 2000 70e7 0000 0204 05b4 0103 0308 ....p...........<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65153 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=4104848320 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:53 0110021 IP 192.168.1.100.65156 &gt; 192.168.1.240.3128 : proto TCP: S 814037404:814037404(0) win 8192 checksum : 21901<br />0x0000: 4500 0034 2434 4000 8006 51eb c0a8 0164 E..4$4@...Q....d<br />0x0010: c0a8 01f0 fe84 0c38 3085 399c 0000 0000 .......80.9.....<br />0x0020: 8002 2000 558d 0000 0204 05b4 0103 0308 ....U...........<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65156 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844791424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:53 0110021 IP 192.168.1.100.65157 &gt; 192.168.1.240.3128 : proto TCP: S 176917162:176917162(0) win 8192 checksum : 10872<br />0x0000: 4500 0034 605f 4000 8006 15c0 c0a8 0164 E..4`_@........d<br />0x0010: c0a8 01f0 fe85 0c38 0a8b 8aaa 0000 0000 .......8........<br />0x0020: 8002 2000 2a78 0000 0204 05b4 0103 0308 ....*x..........<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65157 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844791424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:53 0110021 IP 192.168.1.100.65158 &gt; 192.168.1.240.3128 : proto TCP: S 2123387162:2123387162(0) win 8192 checksum : 61441<br />0x0000: 4500 0034 0780 4000 8006 6e9f c0a8 0164 E..4..@...n....d<br />0x0010: c0a8 01f0 fe86 0c38 7e90 511a 0000 0000 .......8~.Q.....<br />0x0020: 8002 2000 f001 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:53 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65158 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2844791424 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:56 0110021 IP 192.168.1.100.65156 &gt; 192.168.1.240.3128 : proto TCP: S 814037404:814037404(0) win 8192 checksum : 21901<br />0x0000: 4500 0034 2435 4000 8006 51ea c0a8 0164 E..4$5@...Q....d<br />0x0010: c0a8 01f0 fe84 0c38 3085 399c 0000 0000 .......80.9.....<br />0x0020: 8002 2000 558d 0000 0204 05b4 0103 0308 ....U...........<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65156 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2974131776 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:56 0110021 IP 192.168.1.100.65157 &gt; 192.168.1.240.3128 : proto TCP: S 176917162:176917162(0) win 8192 checksum : 10872<br />0x0000: 4500 0034 6060 4000 8006 15bf c0a8 0164 E..4``@........d<br />0x0010: c0a8 01f0 fe85 0c38 0a8b 8aaa 0000 0000 .......8........<br />0x0020: 8002 2000 2a78 0000 0204 05b4 0103 0308 ....*x..........<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65157 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2974131776 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:56 0110021 IP 192.168.1.100.65158 &gt; 192.168.1.240.3128 : proto TCP: S 2123387162:2123387162(0) win 8192 checksum : 61441<br />0x0000: 4500 0034 0781 4000 8006 6e9e c0a8 0164 E..4..@...n....d<br />0x0010: c0a8 01f0 fe86 0c38 7e90 511a 0000 0000 .......8~.Q.....<br />0x0020: 8002 2000 f001 0000 0204 05b4 0103 0308 ................<br />0x0030: 0101 0402 ....<br />Date=2016-06-28 Time=08:41:56 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65158 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=2974131776 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p>2016-06-28 08:41:59 0110021 IP 192.168.1.100.65153 &gt; 192.168.1.240.3128 : proto TCP: S 948770365:948770365(0) win 8192 checksum : 34038<br />0x0000: 4500 0030 244a 4000 8006 51d9 c0a8 0164 E..0$J@...Q....d<br />0x0010: c0a8 01f0 fe81 0c38 388d 163d 0000 0000 .......88..=....<br />0x0020: 7002 2000 84f6 0000 0204 05b4 0101 0402 p...............<br />Date=2016-06-28 Time=08:41:59 log_id=0110021 log_type=Firewall log_component=Identity log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=PortB out_dev= inzone_id=1 outzone_id=2 source_mac=34:e6:d7:10:ac:01 dest_mac=00:02:b6:45:05:3f l3_protocol=IP source_ip=192.168.1.100 dest_ip=192.168.1.240 l4_protocol=TCP source_port=65153 dest_port=3128 fw_rule_id=1 policytype=1 live_userid=0 userid=65535 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=1 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=1 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=72 max_session_bytes=0 drop_fix=0 ctflags=0 connid=2147516424 masterid=3664261120 status=0 state=288 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A</p> <p></p> <p>Access_Server.Log</p> <p>tail -10000 /log/access_server.log | grep neal<br />b<br />DEBUG Jun 28 08:14:52 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jun 28 08:14:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:14:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:14:52 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1467118338, Groupid:5, MAC:&#39;&#39;, NAME:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:14:52 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:&#39;{ &quot;userids&quot;:[&quot;nealb@kb.local&quot;],&quot;uploaddata&quot;:[&quot;254186985224&quot;],&quot;downloaddata&quot;:[&quot;27217391412&quot;],&quot;cycleupload&quot;:[&quot;254186985224&quot;],&quot;cycledownload&quot;:[&quot;27217391412&quot;],&quot;usedminutes&quot;:[398884],&quot;cycleusedminutes&quot;:[398884],&quot;lastusedtime&quot;:[&quot;2016-06-28 08:11:59&quot;] }&#39;<br />DEBUG Jun 28 08:14:52 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { &quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;494&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;ipaddress&quot;:&quot;10.10.0.21&quot;,&quot;setname&quot;:&quot;lusers&quot;, }<br />DEBUG Jun 28 08:16:25 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jun 28 08:16:25 [1987046208]: insert_escape_sequence: string to process nealb<br />DEBUG Jun 28 08:16:25 [1987046208]: insert_escape_sequence: after inserting escape seq nealb<br />INFO Jun 28 08:16:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb&#39;<br />INFO Jun 28 08:16:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:16:25 [1987046208]: adsauth_authenticate_user: &#39;10.10.0.10:389&#39;:(filter: &#39;(sAMAccountName=nealb)&#39;) USER found DN:&#39;CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local&#39;<br />DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = &#39;nealb@kb.local&#39; and usertype in (1, 2, 5, 8 )<br />DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_get_userinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_get_userinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:16:25 [1994390336]: pg_db_handle_get_userinfo: column:&#39;emailid&#39;, value:&#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:16:25 [1994390336]: get_email_attr: email Attr: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:16:25 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = &#39;nealb@kb.local&#39; and isactive &gt; 0<br />DEBUG Jun 28 08:16:25 [1997469440]: do_authorization_phase2: User:&#39;nealb@kb.local&#39;, Logincount:2<br />DEBUG Jun 28 08:16:25 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (505, 8, &#39;nealb@kb.local&#39;, &#39;nealb@kb.local&#39;, &#39;nealb&#39;, &#39;10.10.0.21&#39;, 5, 957035, 957035, 1, 1, 1, 0, 1, 1, 0, &#39;2015-02-21&#39;, &#39;&#39;, 9, 2, &#39;&#39;, &#39;&#39;, 0)<br />INFO Jun 28 08:16:25 [1997469440]: handle_liveuser_insert: LIVE USER &#39;nealb@kb.local&#39; INSERTED<br />DEBUG Jun 28 08:16:25 [1984940864]: opcode_handle_login: OPCODE: JSON:&#39;{ &quot;groupid&quot;: [&quot;5&quot;,&quot;6&quot;],&quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;505&quot;,&quot;ipaddress&quot;:&quot;10.10.0.21&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;webfilterid&quot;:&quot;Allow All&quot;,&quot;appfilterid&quot;:&quot;Allow All&quot;,&quot;starttime&quot;:&quot;957035&quot;,&quot;clienttype&quot;:&quot;9&quot;,&quot;setname&quot;:&quot;lusers&quot;,&quot;addr_family&quot;:&quot;2&quot;,&quot;ismicroapp&quot;:&quot;0&quot;,&quot;authservername&quot;:&quot;&quot;,&quot;macaddress&quot;:&quot;&quot;,&quot;logintime&quot;:&quot;2016-06-28 08:16:25&quot; }&#39;<br />DEBUG Jun 28 08:29:25 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jun 28 08:29:25 [1987046208]: insert_escape_sequence: string to process nealb<br />DEBUG Jun 28 08:29:25 [1987046208]: insert_escape_sequence: after inserting escape seq nealb<br />INFO Jun 28 08:29:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb&#39;<br />INFO Jun 28 08:29:25 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:29:25 [1987046208]: adsauth_authenticate_user: &#39;10.10.0.10:389&#39;:(filter: &#39;(sAMAccountName=nealb)&#39;) USER found DN:&#39;CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local&#39;<br />DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = &#39;nealb@kb.local&#39; and usertype in (1, 2, 5, 8 )<br />DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_get_userinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_get_userinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:29:25 [1994390336]: pg_db_handle_get_userinfo: column:&#39;emailid&#39;, value:&#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:29:25 [1994390336]: get_email_attr: email Attr: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:29:25 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = &#39;nealb@kb.local&#39; and isactive &gt; 0<br />DEBUG Jun 28 08:29:25 [1997469440]: do_authorization_phase2: User:&#39;nealb@kb.local&#39;, Logincount:3<br />DEBUG Jun 28 08:29:25 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (506, 8, &#39;nealb@kb.local&#39;, &#39;nealb@kb.local&#39;, &#39;nealb&#39;, &#39;192.168.1.100&#39;, 5, 957814, 957814, 1, 1, 1, 0, 1, 1, 0, &#39;2015-02-21&#39;, &#39;&#39;, 9, 2, &#39;&#39;, &#39;&#39;, 0)<br />INFO Jun 28 08:29:25 [1997469440]: handle_liveuser_insert: LIVE USER &#39;nealb@kb.local&#39; INSERTED<br />DEBUG Jun 28 08:29:25 [1984940864]: opcode_handle_login: OPCODE: JSON:&#39;{ &quot;groupid&quot;: [&quot;5&quot;,&quot;6&quot;],&quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;506&quot;,&quot;ipaddress&quot;:&quot;192.168.1.100&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;webfilterid&quot;:&quot;Allow All&quot;,&quot;appfilterid&quot;:&quot;Allow All&quot;,&quot;starttime&quot;:&quot;957814&quot;,&quot;clienttype&quot;:&quot;9&quot;,&quot;setname&quot;:&quot;lusers&quot;,&quot;addr_family&quot;:&quot;2&quot;,&quot;ismicroapp&quot;:&quot;0&quot;,&quot;authservername&quot;:&quot;&quot;,&quot;macaddress&quot;:&quot;&quot;,&quot;logintime&quot;:&quot;2016-06-28 08:29:25&quot; }&#39;<br />DEBUG Jun 28 08:29:51 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jun 28 08:29:51 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:29:51 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:29:51 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1467120563, Groupid:5, MAC:&#39;&#39;, NAME:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:29:51 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:&#39;{ &quot;userids&quot;:[&quot;nealb@kb.local&quot;],&quot;uploaddata&quot;:[&quot;254186985224&quot;],&quot;downloaddata&quot;:[&quot;27217391412&quot;],&quot;cycleupload&quot;:[&quot;254186985224&quot;],&quot;cycledownload&quot;:[&quot;27217391412&quot;],&quot;usedminutes&quot;:[398895],&quot;cycleusedminutes&quot;:[398895],&quot;lastusedtime&quot;:[&quot;2016-06-28 08:26:59&quot;] }&#39;<br />DEBUG Jun 28 08:29:52 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { &quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;506&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;ipaddress&quot;:&quot;192.168.1.100&quot;,&quot;setname&quot;:&quot;lusers&quot;, }<br />DEBUG Jun 28 08:30:00 [1997469440]: sqlite_db_handle_get_bulk_liveuseracc: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:30:00 [1997469440]: sqlite_db_handle_get_bulk_liveuseracc: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:30:00 [1997469440]: sqlite_db_handle_get_bulk_liveuseracc: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:30:00 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:&#39;{ &quot;userids&quot;:[&quot;davids@kb.local&quot;,&quot;haleyw@kb.local&quot;,&quot;jamess@kb.local&quot;,&quot;barney@kb.local&quot;,&quot;kristenh@kb.local&quot;,&quot;nealb@kb.local&quot;,&quot;jamess@kb.local&quot;,&quot;amys@kb.local&quot;,&quot;nealb@kb.local&quot;,&quot;nealb@kb.local&quot;],&quot;uploaddata&quot;:[&quot;0&quot;,&quot;0&quot;,&quot;15384850&quot;,&quot;0&quot;,&quot;0&quot;,&quot;254186985224&quot;,&quot;15384850&quot;,&quot;0&quot;,&quot;254186985224&quot;,&quot;254186985224&quot;],&quot;downloaddata&quot;:[&quot;0&quot;,&quot;0&quot;,&quot;51788746&quot;,&quot;0&quot;,&quot;0&quot;,&quot;27217391412&quot;,&quot;51788746&quot;,&quot;0&quot;,&quot;27217391412&quot;,&quot;27217391412&quot;],&quot;cycleupload&quot;:[&quot;0&quot;,&quot;0&quot;,&quot;15384850&quot;,&quot;0&quot;,&quot;0&quot;,&quot;254186985224&quot;,&quot;15384850&quot;,&quot;0&quot;,&quot;254186985224&quot;,&quot;254186985224&quot;],&quot;cycledownload&quot;:[&quot;0&quot;,&quot;0&quot;,&quot;51788746&quot;,&quot;0&quot;,&quot;0&quot;,&quot;27217391412&quot;,&quot;51788746&quot;,&quot;0&quot;,&quot;27217391412&quot;,&quot;27217391412&quot;],&quot;usedminutes&quot;:[7660,1297,91869,5016,7760,398895,91869,8173,398895,398895],&quot;cycleusedminutes&quot;:[7660,1297,91869,5016,7760,398895,91869,8173,398895,398895],&quot;lastusedtime&quot;:[&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;,&quot;2016-06-28 08:26:59&quot;] }&#39;<br />DEBUG Jun 28 08:34:58 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jun 28 08:34:58 [1987046208]: insert_escape_sequence: string to process nealb<br />DEBUG Jun 28 08:34:58 [1987046208]: insert_escape_sequence: after inserting escape seq nealb<br />INFO Jun 28 08:34:58 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb&#39;<br />INFO Jun 28 08:34:58 [1987046208]: adsauth_search_user: 10.10.0.10:389: ATTR-VAL[0]: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:34:58 [1987046208]: adsauth_authenticate_user: &#39;10.10.0.10:389&#39;:(filter: &#39;(sAMAccountName=nealb)&#39;) USER found DN:&#39;CN=Neal Bellamy,OU=KBUsers,OU=KB,DC=KB,DC=Local&#39;<br />DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_request: req_type:0, static_query:SELECT a.userid, a.groupid, a.username, a.name, a.emailid, view_group.name, a.active, a.usertype, a.webfilterid, a.appfilterid, a.accesspolicyid, a.bwpolicyid, a.surfingquotapolicyid, a.datatransferpolicyid, a.ipallocation, tblpolicy.allotedminutes, b.usedminutes, b.cycleusedminutes, b.uploaddata, b.downloaddata, b.lastusedtime, b.cycleupload, b.cycledownload, a.maxloginallowed, a.renewdate, a.macbinding, view_group.ipallocation from tbluser a left join tblpolicy on (a.surfingquotapolicyid = tblpolicy.policyid) left join tblsecuritypolicy on (a.webfilterid = tblsecuritypolicy.securitypolicyid) left join tblappfilterpolicy on (a.appfilterid = tblappfilterpolicy.id) left join tblbandwidthpolicy on (a.bwpolicyid= tblbandwidthpolicy.policyid), view_group, tbluseraccounting b WHERE a.userid = b.userid and a.groupid = view_group.groupid and username = &#39;nealb@kb.local&#39; and usertype in (1, 2, 5, 8 )<br />DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_get_userinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_get_userinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:34:58 [1994390336]: pg_db_handle_get_userinfo: column:&#39;emailid&#39;, value:&#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:34:58 [1994390336]: get_email_attr: email Attr: &#39;nealb@kentonbrothers.com&#39;<br />DEBUG Jun 28 08:34:58 [1993337664]: sqlite_db_handle_request: req_type:2, query:SELECT count(*) FROM tblliveuser WHERE username = &#39;nealb@kb.local&#39; and isactive &gt; 0<br />DEBUG Jun 28 08:34:58 [1997469440]: do_authorization_phase2: User:&#39;nealb@kb.local&#39;, Logincount:3<br />DEBUG Jun 28 08:34:58 [1993337664]: sqlite_db_handle_request: req_type:8, query:INSERT INTO tblliveuser (liveuserid, userid, username, name, uname, ipaddress, groupid, starttime, lastlivetime, isactive, webfilterid, appfilterid, bwpolicy, squotapolicy, accesspolicy, datatransferpolicy, renewdate, macaddress, clienttype, address_family, deviceid, agentipaddress, authserverid) VALUES (506, 8, &#39;nealb@kb.local&#39;, &#39;nealb@kb.local&#39;, &#39;nealb&#39;, &#39;192.168.1.100&#39;, 5, 958148, 958148, 1, 1, 1, 0, 1, 1, 0, &#39;2015-02-21&#39;, &#39;&#39;, 9, 2, &#39;&#39;, &#39;&#39;, 0)<br />INFO Jun 28 08:34:58 [1997469440]: handle_liveuser_insert: LIVE USER &#39;nealb@kb.local&#39; INSERTED<br />DEBUG Jun 28 08:34:58 [1984940864]: opcode_handle_login: OPCODE: JSON:&#39;{ &quot;groupid&quot;: [&quot;5&quot;,&quot;6&quot;],&quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;506&quot;,&quot;ipaddress&quot;:&quot;192.168.1.100&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;webfilterid&quot;:&quot;Allow All&quot;,&quot;appfilterid&quot;:&quot;Allow All&quot;,&quot;starttime&quot;:&quot;958148&quot;,&quot;clienttype&quot;:&quot;9&quot;,&quot;setname&quot;:&quot;lusers&quot;,&quot;addr_family&quot;:&quot;2&quot;,&quot;ismicroapp&quot;:&quot;0&quot;,&quot;authservername&quot;:&quot;&quot;,&quot;macaddress&quot;:&quot;&quot;,&quot;logintime&quot;:&quot;2016-06-28 08:34:58&quot; }&#39;<br />DEBUG Jun 28 08:39:52 [1997469440]: (lc_utf8_bytes): lowercase = &#39;nealb&#39;<br />DEBUG Jun 28 08:39:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;username&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:39:52 [1997469440]: sqlite_db_handle_get_liveuserinfo: column:&#39;name&#39;, value:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:39:52 [1997469440]: fill_logout_garner_data: UPLOAD:0,DOWNLOAD:0,starttime:1467120898, Groupid:5, MAC:&#39;&#39;, NAME:&#39;nealb@kb.local&#39;<br />DEBUG Jun 28 08:39:52 [1997469440]: execute_update_tbluseraccounting: OPCODE: JSON:&#39;{ &quot;userids&quot;:[&quot;nealb@kb.local&quot;],&quot;uploaddata&quot;:[&quot;254186985224&quot;],&quot;downloaddata&quot;:[&quot;27217391412&quot;],&quot;cycleupload&quot;:[&quot;254186985224&quot;],&quot;cycledownload&quot;:[&quot;27217391412&quot;],&quot;usedminutes&quot;:[398906],&quot;cycleusedminutes&quot;:[398906],&quot;lastusedtime&quot;:[&quot;2016-06-28 08:39:00&quot;] }&#39;<br />DEBUG Jun 28 08:39:52 [1997469440]: (opcode_handle_logout): clienttype 9, JASON: { &quot;userid&quot;:&quot;nealb@kb.local&quot;,&quot;liveuserid&quot;:&quot;506&quot;,&quot;bwpolicyid&quot;:&quot;&quot;,&quot;ipaddress&quot;:&quot;192.168.1.100&quot;,&quot;setname&quot;:&quot;lusers&quot;, }</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/299258?ContentTypeID=1Tue, 21 Jun 2016 09:17:54 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:4ca6f050-5db8-4a57-b481-6e42a036db6dNealBellamy<p>everybody is having issues, and there are no special characters in the usernames (Usernames are first name and last initial i.e. NealB)</p> <p>I have started the debug logging. Do you want the output now or wait until it have an issue again?</p> <p>Thanks,</p> <p>Neal</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/299256?ContentTypeID=1Tue, 21 Jun 2016 09:11:23 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:3de4c3db-076d-471e-8dde-1e3a2fa2bb29sachingurung<p>Hi Neal,</p> <p>Does this happen with every user or any specific user? If it occurs with a particular user please verify that there is no use of any special characters in the original name of the User on AD.</p> <p>Take SSH to XG, go to option 5.&gt;3. Advance shell and type:&nbsp;service access_server:debug -ds nosync</p> <p>&gt; cd /log</p> <p>&gt; tail -f access_server.log | grep username</p> <p>Post the logs.</p> <p>Thanks</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/299250?ContentTypeID=1Tue, 21 Jun 2016 07:44:55 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:4ad627ec-d9a6-4038-b538-4fb59f76f0a2NealBellamy<p>I upgraded to MR3 last Thursday. It seemed to be less often, but It happened again this morning. What is the next step to troubleshooting?</p><div style="clear:both;"></div>RE: STAS causing dropped packets?https://community.sophos.com/thread/298974?ContentTypeID=1Fri, 17 Jun 2016 03:48:28 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:028f9c22-2bd9-4baa-bc63-40373187c737sachingurung<p>Hi Neal,</p> <p>Initially, I request you an upgrade to MR3.</p> <p>Thanks</p><div style="clear:both;"></div>