Checkpoint firewall¶
Description¶
Constructor : Checkpoint
Product : Firewall
Theoretical injector performance¶
12256 EPS
Log sample¶
1 | Checkpoint: 10Sep2007 15:19:01 accept 192.168.11.7 >eth3 rule: 92; rule_uid: {11111111-2222-3333-2D9FEAB89E67}; rule_name: consultants API; service_id: consultants_API; src: 192.168.123.240; dst: 192.168.0.254; proto: tcp; product: VPN-1 & FireWall-1; service: 8000; s_port: 41227; |
Normalized fields¶
| Constructor field | LMC field |
|---|---|
| Time of Log | [obs][ts] |
| Action | [action] |
| rule | not used |
| rule_uid | [rule][uid] |
| rule_name | [rule][name] |
| service_id | [checkpoint][service_id] |
| src | [init][host][ip] |
| s_port | [init][host][port] |
| dst | [target][host][ip] |
| d_port | [target][host][port] |
| proto | [checkpoint][proto] |
| product | [checkpoint][product] |
| service | not used |