H3C Access Controllers System Log Messages Reference-6W102

HomeSupportResource CenterH3C Access Controllers System Log Messages Reference-6W102

 

H3C Access Controllers System Log Messages Reference

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Software version: Release 5420

Document version: 6W102-20190603

 

Copyright © 2019 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.


Contents

AAA messages· 1

AAA_FAILURE· 1

AAA_LAUNCH·· 1

AAA_SUCCESS· 2

ACL messages· 2

ACL_ACCELERATE_NO_RES· 2

ACL_ACCELERATE_NONCONTIGUOUSMASK· 3

ACL_ACCELERATE_NOT_SUPPORT· 3

ACL_ACCELERATE_NOT_SUPPORTHOPBYHOP· 3

ACL_ACCELERATE_NOT_SUPPORTMULTITCPFLAG·· 4

ACL_ACCELERATE_UNK_ERR·· 4

ACL_DYNRULE_COMMENT· 4

ACL_DYNRULE_MDF· 5

ACL_IPV6_STATIS_INFO·· 5

ACL_NO_MEM·· 5

ACL_RULE_REACH_MAXNUM·· 6

ACL_RULE_SUBID_EXCEED·· 6

ACL_STATIS_INFO·· 6

ANCP messages· 6

ANCP_INVALID_PACKET· 7

ANTIVIRUS messages· 7

ANTIVIRUS_IPV4_INTERZONE· 8

ANTIVIRUS_IPV6_INTERZONE· 9

ANTIVIRUS_WARNING·· 10

ANTIVIRUS_WARNING·· 10

ANTIVIRUS_WARNING·· 10

APMGR messages· 10

AP_CREATE_FAILURE· 11

AP_REBOOT_REASON·· 11

APMGR_ADDBAC_INFO·· 11

APMGR_AP_CFG_FAILED·· 12

APMGR_AP_ONLINE· 12

APMGR_DELBAC_INFO·· 12

APMGR_LOG_ADD_AP_FAIL· 13

APMGR_LOG_LACOFFLINE· 13

APMGR_LOG_LACONLINE· 13

APMGR_LOG_MEMALERT· 14

APMGR_LOG_NOLICENSE· 14

APMGR_LOG_OFFLINE· 14

APMGR_LOG_ONLINE· 15

APMGR_LOG_ONLINE_FAILED·· 15

APMGR_REACH_MAX_APNUMBER·· 15

APMGR_SWAC_DRV_FAILED·· 16

CWC_AP_DOWN·· 16

CWC_AP_UP· 17

CWC_AP_REBOOT· 17

CWC_IMG_DOWNLOAD_COMPLETE· 17

CWS_IMG_DOWNLOAD_FAILED·· 18

CWC_IMG_DOWNLOAD_START· 18

CWC_IMG_NO_ENOUGH_SPACE· 18

CWC_LOCALAC_DOWN·· 19

CWC_LOCALAC_UP· 19

CWC_RUN_DOWNLOAD_COMPLETE· 19

CWC_RUN_DOWNLOAD_START· 20

CWC_RUN_NO_ENOUGH_SPACE· 20

CWS_AP_DOWN·· 21

CWS_AP_UP· 21

CWS_IMG_DOWNLOAD_COMPLETE· 22

CWS_IMG_DOWNLOAD_FAILED·· 22

CWS_IMG_DOWNLOAD_START· 22

CWS_IMG_OPENFILE_FAILED·· 23

CWS_LOCALAC_DOWN·· 23

CWS_LOCALAC_UP· 23

CWS_RUN_DOWNLOAD_COMPLETE· 24

CWS_RUN_DOWNLOAD_START· 24

RADIO·· 24

Application account extraction messages· 25

USER-NETLOG·· 25

Application audit and management messages· 25

AUDIT_RULE_MATCH_IM_IPV4_LOG·· 26

AUDIT_RULE_MATCH_MAIL_IPV4_LOG·· 27

AUDIT_RULE_MATCH_FORUM_IPV4_LOG·· 28

AUDIT_RULE_MATCH_SEARCH_IPV4_LOG·· 29

AUDIT_RULE_MATCH_FILE_IPV4_LOG·· 30

AUDIT_RULE_MATCH_AS_IPV4_LOG·· 31

AUDIT_RULE_MATCH_OTHER_IPV4_LOG·· 32

AUDIT_RULE_MATCH_IM_IPV6_LOG·· 33

AUDIT_RULE_MATCH_MAIL_IPV6_LOG·· 34

AUDIT_RULE_MATCH_FORUM_IPV6_LOG·· 35

AUDIT_RULE_MATCH_SEARCH_IPV6_LOG·· 36

AUDIT_RULE_MATCH_FILE_IPV6_LOG·· 37

AUDIT_RULE_MATCH_AS_IPV6_LOG·· 38

AUDIT_RULE_MATCH_OTHER_IPV6_LOG·· 39

APR messages· 39

NBAR_WARNING·· 40

NBAR_WARNING·· 40

NBAR_WARNING·· 40

ARP messages· 41

ARP_ACTIVE_ACK_NO_REPLY· 41

ARP_ACTIVE_ACK_NOREQUESTED_REPLY· 41

ARP_BINDRULETOHW_FAILED·· 42

ARP_DYNAMIC·· 42

ARP_DYNAMIC_IF· 43

ARP_DYNAMIC_SLOT· 43

ARP_HOST_IP_CONFLICT· 43

ARP_RATE_EXCEEDED·· 44

ARP_SENDER_IP_INVALID·· 44

ARP_SENDER_MAC_INVALID·· 44

ARP_SRC_MAC_FOUND_ATTACK· 45

ARP_TARGET_IP_INVALID·· 45

DUPIFIP· 45

DUPIP· 46

DUPVRRPIP· 46

ASPF messages· 46

ASPF_IPV4_DNS· 47

ASPF_IPV6_DNS· 48

ATK messages· 48

ATK_ICMP_ADDRMASK_REQ·· 49

ATK_ICMP_ADDRMASK_REQ_RAW·· 49

ATK_ICMP_ADDRMASK_RPL· 50

ATK_ICMP_ADDRMASK_RPL_RAW·· 50

ATK_ICMP_ECHO_RPL· 51

ATK_ICMP_ECHO_RPL_RAW·· 51

ATK_ICMP_ECHO_REQ·· 52

ATK_ICMP_ECHO_REQ_RAW·· 53

ATK_ICMP_FLOOD·· 53

ATK_ICMP_INFO_REQ·· 54

ATK_ICMP_INFO_REQ_RAW·· 54

ATK_ICMP_INFO_RPL· 55

ATK_ICMP_INFO_RPL_RAW·· 55

ATK_ICMP_LARGE· 56

ATK_ICMP_LARGE_RAW·· 56

ATK_ICMP_PARAPROBLEM·· 57

ATK_ICMP_PARAPROBLEM_RAW·· 57

ATK_ICMP_PINGOFDEATH·· 58

ATK_ICMP_PINGOFDEATH_RAW·· 58

ATK_ICMP_REDIRECT· 59

ATK_ICMP_REDIRECT_RAW·· 59

ATK_ICMP_SMURF· 60

ATK_ICMP_SMURF_RAW·· 61

ATK_ICMP_SOURCEQUENCH·· 62

ATK_ICMP_SOURCEQUENCH_RAW·· 62

ATK_ICMP_TIMEEXCEED·· 63

ATK_ICMP_TIMEEXCEED_RAW·· 63

ATK_ICMP_TRACEROUTE· 64

ATK_ICMP_TRACEROUTE_RAW·· 64

ATK_ICMP_TSTAMP_REQ·· 65

ATK_ICMP_TSTAMP_REQ_RAW·· 65

ATK_ICMP_TSTAMP_RPL· 66

ATK_ICMP_TSTAMP_RPL_RAW·· 66

ATK_ICMP_TYPE· 67

ATK_ICMP_TYPE_RAW·· 67

ATK_ICMP_UNREACHABLE· 68

ATK_ICMP_UNREACHABLE_RAW·· 69

ATK_ICMPV6_DEST_UNREACH·· 69

ATK_ICMPV6_DEST_UNREACH_RAW·· 70

ATK_ICMPV6_ECHO_REQ·· 70

ATK_ICMPV6_ECHO_REQ_RAW·· 71

ATK_ICMPV6_ECHO_RPL· 71

ATK_ICMPV6_ECHO_RPL_RAW·· 72

ATK_ICMPV6_FLOOD·· 72

ATK_ICMPV6_GROUPQUERY· 73

ATK_ICMPV6_GROUPQUERY_RAW·· 73

ATK_ICMPV6_GROUPREDUCTION·· 74

ATK_ICMPV6_GROUPREDUCTION_RAW·· 74

ATK_ICMPV6_GROUPREPORT· 75

ATK_ICMPV6_GROUPREPORT_RAW·· 75

ATK_ICMPV6_LARGE· 76

ATK_ICMPV6_LARGE_RAW·· 76

ATK_ICMPV6_PACKETTOOBIG·· 77

ATK_ICMPV6_PACKETTOOBIG_RAW·· 77

ATK_ICMPV6_PARAPROBLEM·· 78

ATK_ICMPV6_PARAPROBLEM_RAW·· 78

ATK_ICMPV6_TIMEEXCEED·· 79

ATK_ICMPV6_TIMEEXCEED_RAW·· 79

ATK_ICMPV6_TRACEROUTE· 80

ATK_ICMPV6_TRACEROUTE_RAW·· 80

ATK_ICMPV6_TYPE· 81

ATK_ICMPV6_TYPE_RAW·· 81

ATK_IP4_ACK_FLOOD·· 82

ATK_IP4_DIS_PORTSCAN·· 82

ATK_IP4_DNS_FLOOD·· 83

ATK_IP4_FIN_FLOOD·· 83

ATK_IP4_FRAGMENT· 84

ATK_IP4_FRAGMENT_RAW·· 85

ATK_IP4_HTTP_FLOOD·· 85

ATK_IP4_IMPOSSIBLE· 86

ATK_IP4_IMPOSSIBLE_RAW·· 87

ATK_IP4_IPSWEEP· 87

ATK_IP4_PORTSCAN·· 88

ATK_IP4_RST_FLOOD·· 88

ATK_IP4_SYN_FLOOD·· 89

ATK_IP4_SYNACK_FLOOD·· 89

ATK_IP4_TCP_ALLFLAGS· 90

ATK_IP4_TCP_ALLFLAGS_RAW·· 90

ATK_IP4_TCP_FINONLY· 91

ATK_IP4_TCP_FINONLY_RAW·· 91

ATK_IP4_TCP_INVALIDFLAGS· 92

ATK_IP4_TCP_INVALIDFLAGS_RAW·· 93

ATK_IP4_TCP_LAND·· 94

ATK_IP4_TCP_LAND_RAW·· 94

ATK_IP4_TCP_NULLFLAG·· 95

ATK_IP4_TCP_NULLFLAG_RAW·· 95

ATK_IP4_TCP_SYNFIN·· 96

ATK_IP4_TCP_SYNFIN_RAW·· 96

ATK_IP4_TCP_WINNUKE· 97

ATK_IP4_TCP_WINNUKE_RAW·· 98

ATK_IP4_TEARDROP· 99

ATK_IP4_TEARDROP_RAW·· 100

ATK_IP4_TINY_FRAGMENT· 101

ATK_IP4_TINY_FRAGMENT_RAW·· 102

ATK_IP4_UDP_BOMB· 103

ATK_IP4_UDP_BOMB_RAW·· 104

ATK_IP4_UDP_FLOOD·· 104

ATK_IP4_UDP_FRAGGLE· 105

ATK_IP4_UDP_FRAGGLE_RAW·· 105

ATK_IP4_UDP_SNORK· 106

ATK_IP4_UDP_SNORK_RAW·· 106

ATK_IP6_ACK_FLOOD·· 107

ATK_IP6_DIS_PORTSCAN·· 107

ATK_IP6_DNS_FLOOD·· 108

ATK_IP6_FIN_FLOOD·· 108

ATK_IP6_FRAGMENT· 109

ATK_IP6_FRAGMENT_RAW·· 109

ATK_IP6_HTTP_FLOOD·· 110

ATK_IP6_IMPOSSIBLE· 110

ATK_IP6_IMPOSSIBLE_RAW·· 111

ATK_IP6_IPSWEEP· 111

ATK_IP6_PORTSCAN·· 112

ATK_IP6_RST_FLOOD·· 112

ATK_IP6_SYN_FLOOD·· 113

ATK_IP6_SYNACK_FLOOD·· 113

ATK_IP6_TCP_ALLFLAGS· 114

ATK_IP6_TCP_ALLFLAGS_RAW·· 114

ATK_IP6_TCP_FINONLY· 115

ATK_IP6_TCP_FINONLY_RAW·· 115

ATK_IP6_TCP_INVALIDFLAGS· 116

ATK_IP6_TCP_INVALIDFLAGS_RAW·· 117

ATK_IP6_TCP_LAND·· 118

ATK_IP6_TCP_LAND_RAW·· 118

ATK_IP6_TCP_NULLFLAG·· 119

ATK_IP6_TCP_NULLFLAG_RAW·· 119

ATK_IP6_TCP_SYNFIN·· 120

ATK_IP6_TCP_SYNFIN_RAW·· 120

ATK_IP6_TCP_WINNUKE· 121

ATK_IP6_TCP_WINNUKE_RAW·· 121

ATK_IP6_UDP_FLOOD·· 122

ATK_IP6_UDP_FRAGGLE· 122

ATK_IP6_UDP_FRAGGLE_RAW·· 123

ATK_IP6_UDP_SNORK· 123

ATK_IP6_UDP_SNORK_RAW·· 124

ATK_IP_OPTION·· 125

ATK_IP_OPTION_RAW·· 126

ATK_IPOPT_ABNORMAL· 127

ATK_IPOPT_ABNORMAL_RAW·· 128

ATK_IPOPT_LOOSESRCROUTE· 129

ATK_IPOPT_LOOSESRCROUTE_RAW·· 130

ATK_IPOPT_RECORDROUTE· 131

ATK_IPOPT_RECORDROUTE_RAW·· 132

ATK_IPOPT_ROUTEALERT· 133

ATK_IPOPT_ROUTEALERT_RAW·· 134

ATK_IPOPT_SECURITY· 135

ATK_IPOPT_SECURITY_RAW·· 136

ATK_IPOPT_STREAMID·· 137

ATK_IPOPT_STREAMID_RAW·· 138

ATK_IPOPT_STRICTSRCROUTE· 139

ATK_IPOPT_STRICTSRCROUTE_RAW·· 140

ATK_IPOPT_TIMESTAMP· 141

ATK_IPOPT_TIMESTAMP_RAW·· 142

ATK_IPV6_EXT_HEADER·· 143

ATK_IPV6_EXT_HEADER _RAW·· 143

ATK_ICMP_ADDRMASK_REQ_SZ· 144

ATK_ICMP_ADDRMASK_REQ_RAW_SZ· 144

ATK_ICMP_ADDRMASK_RPL_SZ· 145

ATK_ICMP_ADDRMASK_RPL_RAW_SZ· 145

ATK_ICMP_ECHO_RPL_SZ· 146

ATK_ICMP_ECHO_RPL_RAW_SZ· 146

ATK_ICMP_ECHO_REQ_SZ· 147

ATK_ICMP_ECHO_REQ_RAW_SZ· 148

ATK_ICMP_FLOOD_SZ· 148

ATK_ICMP_INFO_REQ_SZ· 149

ATK_ICMP_INFO_REQ_RAW_SZ· 149

ATK_ICMP_INFO_RPL_SZ· 150

ATK_ICMP_INFO_RPL_RAW_SZ· 150

ATK_ICMP_LARGE_SZ· 151

ATK_ICMP_LARGE_RAW_SZ· 151

ATK_ICMP_PARAPROBLEM_SZ· 152

ATK_ICMP_PARAPROBLEM_RAW_SZ· 152

ATK_ICMP_PINGOFDEATH_SZ· 153

ATK_ICMP_PINGOFDEATH_RAW_SZ· 153

ATK_ICMP_REDIRECT_SZ· 154

ATK_ICMP_REDIRECT_RAW_SZ· 154

ATK_ICMP_SMURF_SZ· 155

ATK_ICMP_SMURF_RAW_SZ· 156

ATK_ICMP_SOURCEQUENCH_SZ· 157

ATK_ICMP_SOURCEQUENCH_RAW_SZ· 157

ATK_ICMP_TIMEEXCEED_SZ· 158

ATK_ICMP_TIMEEXCEED_RAW_SZ· 158

ATK_ICMP_TRACEROUTE_SZ· 159

ATK_ICMP_TRACEROUTE_RAW_SZ· 159

ATK_ICMP_TSTAMP_REQ_SZ· 160

ATK_ICMP_TSTAMP_REQ_RAW_SZ· 160

ATK_ICMP_TSTAMP_RPL_SZ· 161

ATK_ICMP_TSTAMP_RPL_RAW_SZ· 161

ATK_ICMP_TYPE_SZ· 162

ATK_ICMP_TYPE_RAW_SZ· 162

ATK_ICMP_UNREACHABLE_SZ· 163

ATK_ICMP_UNREACHABLE_RAW_SZ· 164

ATK_ICMPV6_DEST_UNREACH_SZ· 164

ATK_ICMPV6_DEST_UNREACH_RAW_SZ· 165

ATK_ICMPV6_ECHO_REQ_SZ· 165

ATK_ICMPV6_ECHO_REQ_RAW_SZ· 166

ATK_ICMPV6_ECHO_RPL_SZ· 166

ATK_ICMPV6_ECHO_RPL_RAW_SZ· 167

ATK_ICMPV6_FLOOD_SZ· 167

ATK_ICMPV6_GROUPQUERY_SZ· 168

ATK_ICMPV6_GROUPQUERY_RAW_SZ· 168

ATK_ICMPV6_GROUPREDUCTION_SZ· 169

ATK_ICMPV6_GROUPREDUCTION_RAW_SZ· 169

ATK_ICMPV6_GROUPREPORT_SZ· 170

ATK_ICMPV6_GROUPREPORT_RAW_SZ· 170

ATK_ICMPV6_LARGE_SZ· 171

ATK_ICMPV6_LARGE_RAW_SZ· 171

ATK_ICMPV6_PACKETTOOBIG_SZ· 172

ATK_ICMPV6_PACKETTOOBIG_RAW_SZ· 172

ATK_ICMPV6_PARAPROBLEM_SZ· 173

ATK_ICMPV6_PARAPROBLEM_RAW_SZ· 173

ATK_ICMPV6_TIMEEXCEED_SZ· 174

ATK_ICMPV6_TIMEEXCEED_RAW_SZ· 174

ATK_ICMPV6_TRACEROUTE_SZ· 175

ATK_ICMPV6_TRACEROUTE_RAW_SZ· 175

ATK_ICMPV6_TYPE_SZ· 176

ATK_ICMPV6_TYPE _RAW_SZ· 176

ATK_IP4_ACK_FLOOD_SZ· 177

ATK_IP4_DIS_PORTSCAN_SZ· 177

ATK_IP4_DNS_FLOOD_SZ· 178

ATK_IP4_FIN_FLOOD_SZ· 178

ATK_IP4_FRAGMENT_SZ· 179

ATK_IP4_FRAGMENT_RAW_SZ· 180

ATK_IP4_HTTP_FLOOD_SZ· 180

ATK_IP4_IMPOSSIBLE_SZ· 181

ATK_IP4_IMPOSSIBLE_RAW_SZ· 182

ATK_IP4_IPSWEEP_SZ· 182

ATK_IP4_PORTSCAN_SZ· 183

ATK_IP4_RST_FLOOD_SZ· 183

ATK_IP4_SYN_FLOOD_SZ· 184

ATK_IP4_SYNACK_FLOOD_SZ· 184

ATK_IP4_TCP_ALLFLAGS_SZ· 185

ATK_IP4_TCP_ALLFLAGS_RAW_SZ· 185

ATK_IP4_TCP_FINONLY_SZ· 186

ATK_IP4_TCP_FINONLY_RAW_SZ· 186

ATK_IP4_TCP_INVALIDFLAGS_SZ· 187

ATK_IP4_TCP_INVALIDFLAGS_RAW_SZ· 188

ATK_IP4_TCP_LAND_SZ· 189

ATK_IP4_TCP_LAND_RAW_SZ· 189

ATK_IP4_TCP_NULLFLAG_SZ· 190

ATK_IP4_TCP_NULLFLAG_RAW_SZ· 190

ATK_IP4_TCP_SYNFIN_SZ· 191

ATK_IP4_TCP_SYNFIN_RAW_SZ· 191

ATK_IP4_TCP_WINNUKE_SZ· 192

ATK_IP4_TCP_WINNUKE_RAW_SZ· 193

ATK_IP4_TEARDROP_SZ· 194

ATK_IP4_TEARDROP_RAW_SZ· 195

ATK_IP4_TINY_FRAGMENT_SZ· 196

ATK_IP4_TINY_FRAGMENT_RAW_SZ· 197

ATK_IP4_UDP_BOMB_SZ· 198

ATK_IP4_UDP_BOMB_RAW_SZ· 199

ATK_IP4_UDP_FLOOD_SZ· 199

ATK_IP4_UDP_FRAGGLE_SZ· 200

ATK_IP4_UDP_FRAGGLE_RAW_SZ· 200

ATK_IP4_UDP_SNORK_SZ· 201

ATK_IP4_UDP_SNORK_RAW_SZ· 201

ATK_IP6_ACK_FLOOD_SZ· 202

ATK_IP6_DIS_PORTSCAN_SZ· 202

ATK_IP6_DNS_FLOOD_SZ· 203

ATK_IP6_FIN_FLOOD_SZ· 203

ATK_IP6_FRAGMENT_SZ· 204

ATK_IP6_FRAGMENT_RAW_SZ· 204

ATK_IP6_HTTP_FLOOD_SZ· 205

ATK_IP6_IMPOSSIBLE_SZ· 205

ATK_IP6_IMPOSSIBLE_RAW_SZ· 206

ATK_IP6_IPSWEEP_SZ· 206

ATK_IP6_PORTSCAN_SZ· 207

ATK_IP6_RST_FLOOD_SZ· 207

ATK_IP6_SYN_FLOOD_SZ· 208

ATK_IP6_SYNACK_FLOOD_SZ· 208

ATK_IP6_TCP_ALLFLAGS_SZ· 209

ATK_IP6_TCP_ALLFLAGS_RAW_SZ· 209

ATK_IP6_TCP_FINONLY_SZ· 210

ATK_IP6_TCP_FINONLY_RAW_SZ· 210

ATK_IP6_TCP_INVALIDFLAGS_SZ· 211

ATK_IP6_TCP_INVALIDFLAGS_RAW_SZ· 212

ATK_IP6_TCP_LAND_SZ· 213

ATK_IP6_TCP_LAND_RAW_SZ· 213

ATK_IP6_TCP_NULLFLAG_SZ· 214

ATK_IP6_TCP_NULLFLAG_RAW_SZ· 214

ATK_IP6_TCP_SYNFIN_SZ· 215

ATK_IP6_TCP_SYNFIN_RAW_SZ· 215

ATK_IP6_TCP_WINNUKE_SZ· 216

ATK_IP6_TCP_WINNUKE_RAW_SZ· 216

ATK_IP6_UDP_FLOOD_SZ· 217

ATK_IP6_UDP_FRAGGLE_SZ· 217

ATK_IP6_UDP_FRAGGLE_RAW_SZ· 218

ATK_IP6_UDP_SNORK_SZ· 218

ATK_IP6_UDP_SNORK_RAW_SZ· 219

ATK_IP_OPTION_SZ· 220

ATK_IP_OPTION_RAW_SZ· 221

ATK_IPOPT_ABNORMAL_SZ· 222

ATK_IPOPT_ABNORMAL_RAW_SZ· 223

ATK_IPOPT_LOOSESRCROUTE_SZ· 224

ATK_IPOPT_LOOSESRCROUTE_RAW_SZ· 225

ATK_IPOPT_RECORDROUTE_SZ· 226

ATK_IPOPT_RECORDROUTE_RAW_SZ· 227

ATK_IPOPT_ROUTEALERT_SZ· 228

ATK_IPOPT_ROUTEALERT_RAW_SZ· 229

ATK_IPOPT_SECURITY_SZ· 230

ATK_IPOPT_SECURITY_RAW_SZ· 231

ATK_IPOPT_STREAMID_SZ· 232

ATK_IPOPT_STREAMID_RAW_SZ· 233

ATK_IPOPT_STRICTSRCROUTE_SZ· 234

ATK_IPOPT_STRICTSRCROUTE_RAW_SZ· 235

ATK_IPOPT_TIMESTAMP_SZ· 236

ATK_IPOPT_TIMESTAMP_RAW_SZ· 237

ATK_IPV6_EXT_HEADER_SZ· 238

ATK_IPV6_EXT_HEADER_RAW_SZ· 238

ATM·· 239

ATM_PVCDOWN·· 239

ATM_PVCUP· 240

BLS messages· 240

BLS_ENTRY_ADD·· 240

BLS_ENTRY_DEL· 241

BLS_IPV6_ENTRY_ADD·· 241

BLS_IPV6_ENTRY_DEL· 242

BLS_ENTRY_USER_ADD·· 242

BLS_ENTRY_USER_DEL· 243

CFD messages· 243

CFD_CROSS_CCM·· 243

CFD_ERROR_CCM·· 244

CFD_LOST_CCM·· 244

CFD_RECEIVE_CCM·· 245

CFGLOG messages· 245

CFGLOG_CFGOPERATE· 245

CFGMAN messages· 245

CFGMAN_CFGCHANGED·· 246

CFGMAN_OPTCOMPLETION·· 247

CONNLMT messages· 248

CONNLMT_IPV4_OVERLOAD·· 248

CONNLMT_IPV4_RECOVER·· 249

CONNLMT_IPV6_OVERLOAD·· 250

CONNLMT_IPV6_RECOVER·· 251

CONNLMT_IPV4_RATELIMIT· 252

CONNLMT_IPV6_RATELIMIT· 253

DAC· 253

DAC_STORE_STATE_STOREFULL· 254

DAC_STORE_STATE_FULL· 254

DAC_STORE_DELETE_FILE· 255

DAC_HDD_FULL· 255

DEV messages· 255

BOARD_REBOOT· 256

BOARD_REMOVED·· 256

BOARD_STATE_NORMAL· 257

BOARD_STATE_FAULT· 257

CFCARD_INSERTED·· 258

CFCARD_REMOVED·· 258

CHASSIS_REBOOT· 258

DEV_CLOCK_CHANGE· 259

DEV_FAULT_TOOLONG·· 259

FAN_ABSENT· 260

FAN_ABSENT· 260

FAN_DIRECTION_NOT_PREFERRED·· 260

FAN_FAILED·· 261

FAN_FAILED·· 261

FAN_RECOVERED·· 261

FAN_RECOVERED·· 261

MAD_ DETECT· 262

POWER_ABSENT· 262

POWER_ABSENT· 262

POWER_FAILED·· 263

POWER_FAILED·· 263

POWER_MONITOR_ABSENT· 263

POWER_MONITOR_ABSENT· 264

POWER_MONITOR_FAILED·· 264

POWER_MONITOR_FAILED·· 264

POWER_MONITOR_RECOVERED·· 265

POWER_MONITOR_RECOVERED·· 265

POWER_RECOVERED·· 265

POWER_RECOVERED·· 266

RPS_ABSENT· 266

RPS_ABSENT· 266

RPS_NORMAL· 267

RPS_NORMAL· 267

SUBCARD_FAULT· 267

SUBCARD_INSERTED·· 268

SUBCARD_REBOOT· 268

SUBCARD_REMOVED·· 269

SYSTEM_REBOOT· 269

TEMPERATURE_ALARM·· 270

TEMPERATURE_LOW·· 270

TEMPERATURE_NORMAL· 271

TEMPERATURE_SHUTDOWN·· 271

TEMPERATURE_WARNING·· 272

VCHK_VERSION_INCOMPATIBLE· 272

DFILTER messages· 272

DFILTER_IPV4_LOG·· 273

DFILTER_IPV6_LOG·· 274

DHCP· 274

DHCP_NOTSUPPORTED·· 275

DHCP_NORESOURCES· 275

DHCPS messages· 275

DHCPS_ALLOCATE_IP· 276

DHCPS_CONFLICT_IP· 276

DHCPS_EXTEND_IP· 277

DHCPS_FILE· 277

DHCPS_RECLAIM_IP· 277

DHCPS_VERIFY_CLASS· 278

DHCPS6 messages· 278

DHCPS6_ALLOCATE_ADDRESS· 278

DHCPS6_ALLOCATE_PREFIX· 279

DHCPS6_CONFLICT_ADDRESS· 279

DHCPS6_EXTEND_ADDRESS· 280

DHCPS6_EXTEND_PREFIX· 280

DHCPS6_FILE· 281

DHCPS6_RECLAIM_ADDRESS· 281

DHCPS6_RECLAIM_PREFIX· 282

DHCPSP4· 282

DHCPSP4_FILE· 282

DHCPSP6· 282

DHCPSP6_FILE· 283

DIAG messages· 283

CORE_EXCEED_THRESHOLD·· 283

CPU_USAGE_LASTMINUTE· 283

DIAG_STORAGE_BELOW_THRESHOLD·· 284

DIAG_STORAGE_EXCEED_THRESHOLD·· 284

MEM_ALERT· 285

MEM_BELOW_THRESHOLD·· 286

MEM_EXCEED_THRESHOLD·· 286

MEM_USAGE· 287

DLDP messages· 287

DLDP_AUTHENTICATION_FAILED·· 287

DLDP_LINK_BIDIRECTIONAL· 287

DLDP_LINK_UNIDIRECTIONAL· 288

DLDP_NEIGHBOR_AGED·· 288

DLDP_NEIGHBOR_CONFIRMED·· 288

DLDP_NEIGHBOR_DELETED·· 289

DOT1X messages· 289

DOT1X_NOTENOUGH_EADFREEIP_RES· 289

DOT1X_NOTENOUGH_EADFREERULE_RES· 290

DOT1X_NOTENOUGH_EADPORTREDIR_RES· 290

DOT1X_NOTENOUGH_EADMACREDIR_RES· 290

DOT1X_NOTENOUGH_ENABLEDOT1X_RES· 291

DOT1X_NOTSUPPORT_EADFREEIP_RES· 291

DOT1X_NOTSUPPORT_EADFREERULE_RES· 291

DOT1X_NOTSUPPORT_EADMACREDIR_RES· 292

DOT1X_NOTSUPPORT_EADPORTREDIR_RES· 292

DOT1X_UNICAST_NOT_EFFECTIVE· 292

DOT1X_WLAN_LOGIN_FAILURE· 293

DOT1X_WLAN_LOGIN_SUCC·· 294

DOT1X_WLAN_LOGOFF· 295

EDEV messages· 296

EDEV_FAILOVER_GROUP_STATE_CHANGE· 296

EIGRP messages· 296

RID_CHANGE· 296

PEER_CHANGE· 297

ERPS messages· 298

ERPS_STATE_CHANGED·· 298

ETHOAM messages· 298

ETHOAM_CONNECTION_FAIL_DOWN·· 298

ETHOAM_CONNECTION_FAIL_TIMEOUT· 299

ETHOAM_CONNECTION_FAIL_UNSATISF· 299

ETHOAM_CONNECTION_SUCCEED·· 299

ETHOAM_DISABLE· 300

ETHOAM_DISCOVERY_EXIT· 300

ETHOAM_ENABLE· 300

ETHOAM_ENTER_LOOPBACK_CTRLLED·· 301

ETHOAM_ENTER_LOOPBACK_CTRLLING·· 301

ETHOAM_LOCAL_DYING_GASP· 301

ETHOAM_LOCAL_ERROR_FRAME· 302

ETHOAM_LOCAL_ERROR_FRAME_PERIOD·· 302

ETHOAM_LOCAL_ERROR_FRAME_SECOND·· 302

ETHOAM_LOCAL_LINK_FAULT· 303

ETHOAM_LOOPBACK_EXIT· 303

ETHOAM_LOOPBACK_EXIT_ERROR_STATU·· 303

ETHOAM_LOOPBACK_NO_RESOURCE· 304

ETHOAM_LOOPBACK_NOT_SUPPORT· 304

ETHOAM_QUIT_LOOPBACK_CTRLLED·· 304

ETHOAM_QUIT_LOOPBACK_CTRLLING·· 305

ETHOAM_REMOTE_CRITICAL· 305

ETHOAM_REMOTE_DYING_GASP· 305

ETHOAM_REMOTE_ERROR_FRAME· 306

ETHOAM_REMOTE_ERROR_FRAME_PERIOD·· 306

ETHOAM_REMOTE_ERROR_FRAME_SECOND·· 306

ETHOAM_REMOTE_ERROR_SYMBOL· 307

ETHOAM_REMOTE_EXIT· 307

ETHOAM_REMOTE_FAILURE_RECOVER·· 307

ETHOAM_REMOTE_LINK_FAULT· 308

ETHOAM_NO_ENOUGH_RESOURCE· 308

ETHOAM_NOT_CONNECTION_TIMEOUT· 308

EVIISIS messages· 308

EVIISIS_LICENSE· 309

EVIISIS_NBR_CHG·· 309

FCLINK messages· 309

FCLINK_FDISC_REJECT_NORESOURCE· 310

FCLINK_FLOGI_REJECT_NORESOURCE· 310

FCOE messages· 310

FCOE_INTERFACE_NOTSUPPORT_FCOE· 311

FCZONE messages· 311

FCZONE_HARDZONE_DISABLED·· 311

FCZONE_HARDZONE_ENABLED·· 312

FCZONE_ISOLATE_NEIGHBOR·· 312

FCZONE_ISOLATE_ALLNEIGHBOR·· 313

FCZONE_ISOLATE_CLEAR_VSAN·· 313

FCZONE_ISOLATE_CLEAR_ALLVSAN·· 313

FCZONE_DISTRIBUTE_FAILED·· 314

File filtering messages· 314

FFILTER_IPV4_LOG·· 315

FFILTER_IPV6_LOG·· 316

FILTER messages· 316

FILTER_EXECUTION_ICMP· 317

FILTER_EXECUTION_ICMPV6· 318

FILTER_IPV4_EXECUTION·· 319

FILTER_IPV6_EXECUTION·· 320

FILTER_ZONE_IPV4_EXECUTION·· 321

FILTER_ZONE_IPV4_EXECUTION·· 322

FILTER_ZONE_IPV4_EXECUTION·· 323

FILTER_ZONE_IPV6_EXECUTION·· 324

FILTER_ZONE_IPV6_EXECUTION·· 325

FILTER_ZONE_IPV6_EXECUTION·· 326

FILTER_ZONE_EXECUTION_ICMP· 327

FILTER_ZONE_EXECUTION_ICMP· 328

FILTER_ZONE_EXECUTION_ICMP· 329

FILTER_ZONE_EXECUTION_ICMPV6· 330

FILTER_ZONE_EXECUTION_ICMPV6· 331

FILTER_ZONE_EXECUTION_ICMPV6· 332

FS messages· 332

FS_UNFORMATTED_PARTITION·· 332

FTPD messages· 333

FTP_ACL_DENY· 333

FTPD_REACH_SESSION_LIMIT· 333

HA messages· 333

HA_BATCHBACKUP_FINISHED·· 334

HA_BATCHBACKUP_STARTED·· 334

HA_STANDBY_NOT_READY· 334

HA_STANDBY_TO_MASTER·· 335

HQOS messages· 335

HQOS_DP_SET_FAIL· 335

HQOS_FP_SET_FAIL· 336

HQOS_POLICY_APPLY_FAIL· 336

HQOS_POLICY_APPLY_FAIL· 337

HTTPD messages· 337

HTTPD_CONNECT· 337

HTTPD_CONNECT_TIMEOUT· 338

HTTPD_DISCONNECT· 338

HTTPD_FAIL_FOR_ACL· 338

HTTPD_FAIL_FOR_ACP· 339

HTTPD_REACH_CONNECT_LIMIT· 339

Identity messages· 339

IDENTITY_CSV_IMPORT_FAILED·· 340

IDENTITY_IMC_IMPORT_FAILED_NO_MEMORY· 340

IDENTITY_LDAP_IMPORT_FAILED_NO_MEMORY· 340

IDENTITY_LDAP_IMPORT_GROUP_FAILED·· 341

IDENTITY_LDAP_IMPORT_USER_FAILED·· 341

IFNET messages· 341

IF_JUMBOFRAME_WARN·· 342

INTERFACE_NOTSUPPRESSED·· 342

INTERFACE_SUPPRESSED·· 342

LINK_UPDOWN·· 343

PHY_UPDOWN·· 343

PROTOCOL_UPDOWN·· 343

TUNNEL_LINK_UPDOWN·· 344

TUNNEL_PHY_UPDOWN·· 344

VLAN_MODE_CHANGE· 344

IKE messages· 344

IKE_P1_SA_ESTABLISH_FAIL· 345

IKE_P1_SA_TERMINATE· 347

IKE_P2_SA_ESTABLISH_FAIL· 348

IKE_P2_SA_TERMINATE· 351

IKE_XAUTH_FAILE· 353

Introduction· 354

System log message format 354

Managing and obtaining system log messages· 356

Obtaining log messages from the console terminal 357

Obtaining log messages from the log buffer 357

Obtaining log messages from a monitor terminal 357

Obtaining log messages from the log file· 357

Obtaining log messages from a log host 357

Software module list 357

Using this document 361

IPS messages· 362

IPS_IPV4_INTERZONE· 362

IPS_IPV6_INTERZONE· 364

IPS_WARNING·· 365

IPS_WARNING·· 365

IPS_WARNING·· 366

IPSEC messages· 366

IPSEC_FAILED_ADD_FLOW_TABLE· 366

IPSEC_PACKET_DISCARDED·· 367

IPSEC_SA_ESTABLISH·· 368

IPSEC_SA_ESTABLISH_FAIL· 369

IPSEC_SA_INITIATION·· 371

IPSEC_SA_TERMINATE· 372

IPSEC_ANTI-REPLAY_WINDOWS_ERROR·· 374

IPSG messages· 374

IPSG_ADDENTRY_ERROR·· 375

IPSG_DELENTRY_ERROR·· 376

IRDP messages· 376

IRDP_EXCEED_ADVADDR_LIMIT· 376

IRF· 376

IRF_LINK_BLOCK· 377

IRF_LINK_DOWN·· 377

IRF_LINK_UP· 377

IRF_MEMBER_LEFT· 378

IRF_MEMBERID_CONFLICT· 378

IRF_MEMBERID_CONFLICT_REBOOT· 378

IRF_MERGE· 379

IRF_MERGE_NEED_REBOOT· 379

IRF_MERGE_NOT_NEED_REBOOT· 379

IRF_NEWMEMBER_JOIN·· 380

KDNS messages· 380

KDNS_BIND_PORT_ALLOCETED·· 380

KHTTP messages· 380

KHTTP_BIND_PORT_ALLOCETED·· 381

KHTTP_BIND_ADDRESS_INUSED·· 381

L2PT messages· 381

L2PT_SET_MULTIMAC_FAILED·· 382

L2PT_CREATE_TUNNELGROUP_FAILED·· 382

L2PT_ADD_GROUPMEMBER_FAILED·· 382

L2PT_ENABLE_DROP_FAILED·· 383

L2TP messages· 383

L2TPV2_TUNNEL_EXCEED_LIMIT· 383

L2TPV2_SESSION_EXCEED_LIMIT· 383

L2VPN messages· 384

L2VPN_BGPVC_CONFLICT_LOCAL· 384

L2VPN_BGPVC_CONFLICT_REMOTE· 384

L2VPN_HARD_RESOURCE_NOENOUGH·· 385

L2VPN_HARD_RESOURCE_RESTORE· 385

L2VPN_LABEL_DUPLICATE· 385

LAGG messages· 385

LAGG_ACTIVE· 386

LAGG_INACTIVE_AICFG·· 386

LAGG_INACTIVE_BFD·· 387

LAGG_INACTIVE_CONFIGURATION·· 387

LAGG_INACTIVE_DUPLEX· 388

LAGG_INACTIVE_HARDWAREVALUE· 388

LAGG_INACTIVE_LOWER_LIMIT· 388

LAGG_INACTIVE_PARTNER·· 389

LAGG_INACTIVE_PHYSTATE· 389

LAGG_INACTIVE_RESOURCE_INSUFICIE· 389

LAGG_INACTIVE_SPEED·· 390

LAGG_INACTIVE_UPPER_LIMIT· 390

LB messages· 390

LB_CHANGE_DEFAULTLG_STATE_VS· 391

LB_CHANGE_DEFAULTSF_STATE_VS· 391

LB_CHANGE_LG_STATE_ACTION·· 392

LB_CHANGE_LG_STATUS· 392

LB_CHANGE_LINK_BUSYSTATUS· 392

LB_CHANGE_LINK_CONNNUM_OVER·· 393

LB_CHANGE_LINK_CONNNUM_RECOVERY· 393

LB_CHANGE_LINK_CONNRATE_OVER·· 394

LB_CHANGE_LINK_CONNRATE_RECOVERY· 394

LB_CHANGE_LINK_HCSTATUS· 395

LB_CHANGE_LINK_PROBERESULT· 395

LB_CHANGE_RS_CONNNUM_OVER·· 396

LB_CHANGE_RS_CONNNUM_RECOVERY· 396

LB_CHANGE_RS_CONNRATE_OVER·· 397

LB_CHANGE_RS_CONNRATE_RECOVERY· 397

LB_CHANGE_RS_HCSTATUS· 398

LB_CHANGE_RS_PROBERESULT· 398

LB_CHANGE_SF_STATE_ACTION·· 399

LB_CHANGE_SF_STATUS· 399

LB_CHANGE_VS_CONNNUM_OVER·· 400

LB_CHANGE_VS_CONNNUM_RECOVERY· 400

LB_CHANGE_VS_CONNRATE_OVER·· 401

LB_CHANGE_VS_CONNRATE_RECOVERY· 401

LB_LINK_STATE_ACTIVE· 402

LB_LINK_STATE_INACTIVE· 402

LB_NAT44_FLOW·· 403

LB_NAT46_FLOW·· 404

LB_NAT64_FLOW·· 405

LB_NAT66_FLOW·· 406

LB_SLB_LICENSE_INSTALLED·· 406

LB_SLB_LICENSE_UNINSTALLED·· 407

LB_SLB_LICENSE_EXPIRED·· 407

LDP messages· 407

LDP_MPLSLSRID_CHG·· 408

LDP_SESSION_CHG·· 409

LDP_SESSION_GR·· 410

LDP_SESSION_SP· 410

LLDP messages· 411

LLDP_CREATE_NEIGHBOR·· 411

LLDP_DELETE_NEIGHBOR·· 411

LLDP_LESS_THAN_NEIGHBOR_LIMIT· 412

LLDP_NEIGHBOR_AGE_OUT· 412

LLDP_NEIGHBOR_AP_RESET· 413

LLDP_PVID_INCONSISTENT· 413

LLDP_REACH_NEIGHBOR_LIMIT· 414

LOAD messages· 414

BOARD_LOADING·· 414

LOAD_FAILED·· 415

LOAD_FINISHED·· 415

LOGIN messages· 415

LOGIN_FAILED·· 416

LOGIN_ INVALID_USERNAME_PWD·· 416

LPDT messages· 416

LPDT_LOOPED·· 416

LPDT_RECOVERED·· 417

LPDT_VLAN_LOOPED·· 417

LPDT_VLAN_RECOVERED·· 417

LS messages· 417

LS_ADD_USER_TO_GROUP· 418

LS_AUTHEN_FAILURE· 418

LS_AUTHEN_SUCCESS· 418

LS_DEL_USER_FROM_GROUP· 419

LS_DELETE_PASSWORD_FAIL· 419

LS_PWD_ADDBLACKLIST· 419

LS_PWD_CHGPWD_FOR_AGEDOUT· 420

LS_PWD_CHGPWD_FOR_AGEOUT· 420

LS_PWD_CHGPWD_FOR_COMPOSITION·· 420

LS_PWD_CHGPWD_FOR_FIRSTLOGIN·· 421

LS_PWD_CHGPWD_FOR_LENGTH·· 421

LS_PWD_FAILED2WRITEPASS2FILE· 421

LS_PWD_MODIFY_FAIL· 422

LS_PWD_MODIFY_SUCCESS· 422

LS_REAUTHEN_FAILURE· 422

LS_UPDATE_PASSWORD_FAIL· 423

LS_USER_CANCEL· 423

LS_USER_PASSWORD_EXPIRE· 423

LS_USER_ROLE_CHANGE· 424

LSPV messages· 424

LSPV_PING_STATIS_INFO·· 424

MAC messages· 424

MAC_TABLE_FULL_GLOBAL· 425

MAC_TABLE_FULL_PORT· 425

MAC_TABLE_FULL_VLAN·· 425

MACA messages· 425

MACA_ENABLE_NOT_EFFECTIVE· 426

MACSEC messages· 426

MACSEC_MKA_KEEPALIVE_TIMEOUT· 426

MACSEC_MKA_PRINCIPAL_ACTOR·· 427

MACSEC_MKA_SAK_REFRESH·· 427

MACSEC_MKA_SESSION_REAUTH·· 427

MACSEC_MKA_SESSION_SECURED·· 428

MACSEC_MKA_SESSION_START· 428

MACSEC_MKA_SESSION_STOP· 429

MACSEC_MKA_SESSION_UNSECURED·· 429

MBFD messages· 429

MBFD_TRACEROUTE_FAILURE· 430

MBUF messages· 430

MBUF_DATA_BLOCK_CREATE_FAIL· 431

MFIB messages· 431

MFIB_MEM_ALERT· 431

MGROUP messages· 432

MGROUP_APPLY_SAMPLER_FAIL· 432

MGROUP_RESTORE_CPUCFG_FAIL· 432

MGROUP_RESTORE_IFCFG_FAIL· 433

MGROUP_SYNC_CFG_FAIL· 433

MTLK messages· 433

MTLK_UPLINK_STATUS_CHANGE· 434

NAT messages· 434

NAT_ADDR_BIND_CONFLICT· 434

NAT_ADDRGRP_MEMBER_CONFLICT· 435

NAT_ADDRGRP_RESOURCE_EXHAUST· 435

NAT_FAILED_ADD_FLOW_TABLE· 435

NAT_FLOW·· 436

NAT_INTERFACE_RESOURCE_EXHAUST· 437

NAT_NOPAT_IP_USAGE_ALARM·· 437

NAT_SERVICE_CARD_RECOVER_FAILURE· 438

NAT_SERVER_INVALID·· 438

NAT_FAILED_ADD_FLOW_RULE· 439

NAT444_PORTBLOCK_USAGE_ALARM·· 439

ND messages· 439

ND_CONFLICT· 440

ND_DUPADDR·· 440

ND_HOST_IP_CONFLICT· 441

ND_MAC_CHECK· 441

ND_SET_PORT_TRUST_NORESOURCE· 441

ND_SET_VLAN_REDIRECT_NORESOURCE· 442

ND_MAXNUM_IF· 442

ND_MAXNUM_DEV· 442

NETCONF messages· 443

CLI 443

EDIT-CONFIG·· 444

REPLY· 445

THREAD·· 445

NetShare control messages· 445

NETSHARE_IPV4_LOG·· 446

NETSHARE_IPV4_LOG·· 446

NETSHARE_IPV6_LOG·· 447

NETSHARE_IPV6_LOG·· 447

NQA messages· 447

NQA_ENTRY_PROBE_RESULT· 448

NQA_LOG_UNREACHABLE· 448

NQA_SCHEDULE_FAILURE· 448

NQA_SET_DRIVE_FAIL· 449

NQA_SEVER_FAILURE· 449

NTP messages· 449

NTP_CLOCK_CHANGE· 450

NTP_LEAP_CHANGE· 450

NTP_SOURCE_CHANGE· 450

NTP_SOURCE_LOST· 451

NTP_STRATUM_CHANGE· 451

OBJP messages· 451

OBJP_ACCELERATE_NO_RES· 452

OBJP_ACCELERATE_NOT_SUPPORT· 452

OBJP_ACCELERATE_UNK_ERR·· 452

OBJP_RULE_CREATE_SUCCESS· 453

OBJP_RULE_CREATE_FAIL· 453

OBJP_RULE_UPDATE_SUCCESS· 453

OBJP_RULE_UPDATE_FAIL· 454

OBJP_RULE_DELETE_SUCCESS· 454

OBJP_RULE_DELETE_FAIL· 454

OBJP_RULE_CLRSTAT_SUCCESS· 455

OBJP_RULE_CLRSTAT_FAIL· 455

OBJP_APPLY_POLICY_FAIL· 455

OBJP_APPLAY_INFO·· 456

OFP messages· 456

OFP_ACTIVE· 456

OFP_ACTIVE_FAILED·· 456

OFP_CONNECT· 457

OFP_FAIL_OPEN·· 457

OFP_FLOW_ADD·· 457

OFP_FLOW_ADD_DUP· 458

OFP_FLOW_ADD_FAILED·· 458

OFP_FLOW_ADD_TABLE_MISS· 459

OFP_FLOW_ADD_TABLE_MISS_FAILED·· 459

OFP_FLOW_DEL· 460

OFP_FLOW_DEL_L2VPN_DISABLE· 460

OFP_FLOW_DEL_TABLE_MISS· 461

OFP_FLOW_DEL_TABLE_MISS_FAILED·· 461

OFP_FLOW_DEL_VXLAN_DEL· 462

OFP_FLOW_MOD·· 462

OFP_FLOW_MOD_FAILED·· 463

OFP_FLOW_MOD_TABLE_MISS· 463

OFP_FLOW_MOD_TABLE_MISS_FAILED·· 464

OFP_FLOW_RMV_GROUP· 464

OFP_FLOW_RMV_HARDTIME· 464

OFP_FLOW_RMV_IDLETIME· 465

OFP_FLOW_RMV_METER·· 465

OFP_GROUP_ADD·· 465

OFP_GROUP_ADD_FAILED·· 466

OFP_GROUP_DEL· 466

OFP_GROUP_MOD·· 466

OFP_GROUP_MOD_FAILED·· 467

OFP_METER_ADD·· 467

OFP_METER_ADD_FAILED·· 467

OFP_METER_DEL· 468

OFP_METER_MOD·· 468

OFP_METER_MOD_FAILED·· 469

OFP_MISS_RMV_GROUP· 469

OFP_MISS_RMV_HARDTIME· 469

OFP_MISS_RMV_IDLETIME· 470

OFP_MISS_RMV_METER·· 470

OPENSRC (RSYNC) messages· 470

Synchronization success· 471

Synchronization failure· 471

Synchronization error 472

OPTMOD messages· 472

BIAS_HIGH·· 472

BIAS_LOW·· 473

BIAS_NORMAL· 473

CFG_ERR·· 473

CHKSUM_ERR·· 474

FIBER_SFPMODULE_INVALID·· 474

FIBER_SFPMODULE_NOWINVALID·· 474

IO_ERR·· 475

MOD_ALM_OFF· 475

MOD_ALM_ON·· 475

MODULE_IN·· 476

MODULE_OUT· 476

PHONY_MODULE· 476

RX_ALM_OFF· 477

RX_ALM_ON·· 477

RX_POW_HIGH·· 477

RX_POW_LOW·· 478

RX_POW_NORMAL· 478

TEMP_HIGH·· 478

TEMP_LOW·· 479

TEMP_NORMAL· 479

TX_ALM_OFF· 479

TX_ALM_ON·· 480

TX_POW_HIGH·· 480

TX_POW_LOW·· 480

TX_POW_NORMAL· 481

TYPE_ERR·· 481

VOLT_HIGH·· 481

VOLT_LOW·· 482

VOLT_NORMAL· 482

PBB messages· 482

PBB_JOINAGG_WARNING·· 483

PBR messages· 483

PBR_HARDWARE_ERROR·· 483

PCAPWARE messages· 483

PCAPWARE_STOP· 484

PCE messages· 484

PCE_PCEP_SESSION_CHG·· 485

PEX messages· 485

PEX_LINK_FORWARD·· 486

PEX_LINK_BLOCK· 486

PEX_LINK_DOWN·· 487

PEX_REG_REQUEST· 487

PEX_REG_JOININ·· 488

PEX_REG_LEAVE· 488

PEX_CONFIG_ERROR·· 489

PEX_CONNECTION_ERROR·· 489

PFILTER messages· 489

PFILTER_APPLYUSER_FAIL· 490

PFILTER_GLB_ RES_CONFLICT· 490

PFILTER_GLB_IPV4_DACT_NO_RES· 491

PFILTER_GLB_IPV4_DACT_UNK_ERR·· 491

PFILTER_GLB_IPV6_DACT_NO_RES· 492

PFILTER_GLB_IPV6_DACT_UNK_ERR·· 492

PFILTER_GLB_MAC_DACT_NO_RES· 493

PFILTER_GLB_MAC_DACT_UNK_ERR·· 493

PFILTER_GLB_NO_RES· 494

PFILTER_GLB_NOT_SUPPORT· 494

PFILTER_GLB_UNK_ERR·· 495

PFILTER_IF_IPV4_DACT_NO_RES· 495

PFILTER_IF_IPV4_DACT_UNK_ERR·· 496

PFILTER_IF_IPV6_DACT_NO_RES· 496

PFILTER_IF_IPV6_DACT_UNK_ERR·· 497

PFILTER_IF_MAC_DACT_NO_RES· 497

PFILTER_IF_MAC_DACT_UNK_ERR·· 498

PFILTER_IF_NO_RES· 498

PFILTER_IF_NOT_SUPPORT· 499

PFILTER_IF_RES_CONFLICT· 499

PFILTER_IF_UNK_ERR·· 500

PFILTER_IPV6_STATIS_INFO·· 500

PFILTER_STATIS_INFO·· 501

PFILTER_VLAN_IPV4_DACT_NO_RES· 501

PFILTER_VLAN_IPV4_DACT_UNK_ERR·· 502

PFILTER_VLAN_IPV6_DACT_NO_RES· 502

PFILTER_VLAN_IPV6_DACT_UNK_ERR·· 503

PFILTER_VLAN_MAC_DACT_NO_RES· 503

PFILTER_VLAN_MAC_DACT_UNK_ERR·· 504

PFILTER_VLAN_NO_RES· 504

PFILTER_VLAN_NOT_SUPPORT· 505

PFILTER_VLAN_RES_CONFLICT· 505

PFILTER_VLAN_UNK_ERR·· 506

PHYD messages· 506

DRV· 506

PIM messages· 508

PIM_NBR_DOWN·· 509

PIM_NBR_UP· 509

PING messages· 509

PING_STATISTICS· 510

PING_VPN_STATISTICS· 511

PKI messages· 511

REQUEST_CERT_FAIL· 511

REQUEST_CERT_SUCCESS· 512

PKT2CPU messages· 512

PKT2CPU_NO_RESOURCE· 512

PKTCPT messages· 512

PKTCPT_AP_OFFLINE· 513

PKTCPT_AREADY_EXIT· 513

PKTCPT_CONN_FAIL· 514

PKTCPT_INVALID_FILTER·· 514

PKTCPT_LOGIN_DENIED·· 514

PKTCPT_MEMORY_ALERT· 515

PKTCPT_OPEN_FAIL· 515

PKTCPT_OPERATION_TIMEOUT· 515

PKTCPT_SERVICE_FAIL· 516

PKTCPT_UNKNOWN_ERROR·· 516

PKTCPT_UPLOAD_ERROR·· 516

PKTCPT_WRITE_FAIL· 517

Portal messages· 517

PORTAL_USER_LOGOFF· 518

PORTAL_USER_LOGON_FAIL· 520

PORTAL_USER_LOGON_SUCCESS· 521

PORTSEC messages· 521

PORTSEC_PORTMODE_NOT_EFFECTIVE· 522

PORTSEC_NTK_NOT_EFFECTIVE· 522

POSA· 522

POSA_TCPLISTENPORT_NOT_OPEN·· 523

PPP messages· 523

IPPOOL_ADDRESS_EXHAUSTED·· 523

PPPOES_MAC_THROTTLE· 523

PWDCTL messages· 524

ADDBLACKLIST· 524

CHANGEPASSWORD·· 524

FAILEDTOWRITEPWD·· 524

QOS messages· 525

QOS_CAR_APPLYUSER_FAIL· 525

QOS_CBWFQ_REMOVED·· 525

QOS_GTS_APPLYUSER_FAIL· 526

QOS_NOT_ENOUGH_BANDWIDTH·· 526

QOS_POLICY_APPLYCOPP_CBFAIL· 527

QOS_POLICY_APPLYCOPP_FAIL· 527

QOS_POLICY_APPLYGLOBAL_CBFAIL· 528

QOS_POLICY_APPLYGLOBAL_FAIL· 528

QOS_POLICY_APPLYIF_CBFAIL· 529

QOS_POLICY_APPLYIF_FAIL· 529

QOS_POLICY_APPLYUSER_FAIL· 530

QOS_POLICY_APPLYVLAN_CBFAIL· 530

QOS_POLICY_APPLYVLAN_FAIL· 531

QOS_QMPROFILE_APPLYUSER_FAIL· 531

QOS_QMPROFILE_MODIFYQUEUE_FAIL· 532

QOS_POLICY_REMOVE· 532

QOS_POLICY_ACTIVATE· 532

RADIUS messages· 533

RADIUS_AUTH_FAILURE· 533

RADIUS_AUTH_SUCCESS· 533

RADIUS_DELETE_HOST_FAIL· 533

RDDC messages· 533

RDDC_ACTIVENODE_CHANGE· 534

RIP messages· 534

RIP_MEM_ALERT· 534

RIP_RT_LMT· 535

RIPNG messages· 535

RIPNG_MEM_ALERT· 535

RIPNG_RT_LMT· 535

RM messages· 535

RM_ACRT_REACH_LIMIT· 536

RM_ACRT_REACH_THRESVALUE· 536

RM_THRESHLD_VALUE_REACH·· 536

RPR messages· 537

RPR_EXCEED_MAX_SEC_MAC·· 537

RPR_EXCEED_MAX_SEC_MAC_OVER·· 537

RPR_EXCEED_MAX_STATION·· 537

RPR_EXCEED_MAX_STATION_OVER·· 538

RPR_EXCEED_RESERVED_RATE· 538

RPR_EXCEED_RESERVED_RATE_OVER·· 538

RPR_IP_DUPLICATE· 539

RPR_IP_DUPLICATE_OVER·· 539

RPR_JUMBO_INCONSISTENT· 539

RPR_JUMBO_INCONSISTENT_OVER·· 540

RPR_MISCABLING·· 540

RPR_MISCABLING_OVER·· 540

RPR_PROTECTION_INCONSISTENT· 541

RPR_PROTECTION_INCONSISTENT_OVER·· 541

RPR_SEC_MAC_DUPLICATE· 541

RPR_SEC_MAC_DUPLICATE_OVER·· 542

RPR_TOPOLOGY_INCONSISTENT· 542

RPR_TOPOLOGY_INCONSISTENT_OVER·· 542

RPR_TOPOLOGY_INSTABILITY· 543

RPR_TOPOLOGY_INSTABILITY_OVER·· 543

RPR_TOPOLOGY_INVALID·· 543

RPR_TOPOLOGY_INVALID_OVER·· 544

RTM messages· 544

RTM_TCL_NOT_EXIST· 544

RTM_TCL_MODIFY· 544

RTM_TCL_LOAD_FAILED·· 545

SCM messages· 545

PROCESS_ABNORMAL· 545

PROCESS_ACTIVEFAILED·· 546

SCM_ABNORMAL_REBOOT· 546

SCM_ABNORMAL_REBOOTMDC·· 547

SCM_ABORT_RESTORE· 547

SCM_INSMOD_ADDON_TOOLONG·· 548

SCM_KERNEL_INIT_TOOLONG·· 548

SCM_PROCESS_STARTING_TOOLONG·· 549

SCM_PROCESS_STILL_STARTING·· 549

SCM_SKIP_PROCESS· 550

SCM_SKIP_PROCESS· 550

SCRLSP messages· 550

SCRLSP_LABEL_DUPLICATE· 551

SecDiag· 551

MONITOR_CONCURRENCY_EXCEED·· 551

MONITOR_CONCURRENCY_BELOW·· 552

MONITOR_CONNECTION_EXCEED·· 552

MONITOR_CONNECTION_BELOW·· 553

MONITOR_SECP_IPV4_EXCEED·· 553

MONITOR_SECP_IPV4_BELOW·· 553

MONITOR_SECP_IPV6_EXCEED·· 554

MONITOR_SECP_IPV6_BELOW·· 554

MONITOR_CONTEXT_EXCEED·· 554

MONITOR_CONTEXT_BELOW·· 555

MONITOR_NAT_EXCEED·· 555

MONITOR_NAT_BELOW·· 555

MONITOR_BAGG_EXCEED·· 556

MONITOR_BAGG_BELOW·· 556

MONITOR_RAGG_EXCEED·· 556

MONITOR_RAGG_BELOW·· 557

MONITOR_BLADE_THROUGHPUT_EXCEED·· 557

MONITOR_BLADE_THROUGHPUT_BELOW·· 558

MONITOR_QACL_EXCEED·· 558

MONITOR_QACL_BELOW·· 559

MONITOR_BANDWIDTH_EXCEED·· 559

MONITOR_BANDWIDTH_BELOW·· 559

SECP messages· 559

SECP_ACCELERATE_NO_RES· 560

SECP_ACCELERATE_NOT_SUPPORT· 560

SECP_ACCELERATE_UNK_ERR·· 560

SECP_RULE_CREATE_SUCCESS· 561

SECP_RULE_CREATE_FAIL· 561

SECP_RULE_UPDATE_SUCCESS· 562

SECP_RULE_UPDATE_FAIL· 562

SECP_RULE_DELETE_SUCCESS· 563

SECP_RULE_DELETE_FAIL· 563

SECP_RULE_CLRSTAT_SUCCESS· 564

SECP_RULE_CLRSTAT_FAIL· 564

SESSION messages· 564

SESSION_IPV4_FLOW·· 565

SESSION_IPV6_FLOW·· 567

SESSION_IPV4_DNS· 568

SESSION_IPV6_DNS· 569

SFLOW messages· 569

SFLOW_HARDWARE_ERROR·· 569

SHELL messages· 570

SHELL_CMD·· 570

SHELL_CMD_CONFIRM·· 570

SHELL_CMD_EXECUTEFAIL· 570

SHELL_CMD_INPUT· 571

SHELL_CMD_INPUT_TIMEOUT· 571

SHELL_CMD_MATCHFAIL· 571

SHELL_CMDDENY· 572

SHELL_CMDFAIL· 572

SHELL_COMMIT· 572

SHELL_COMMIT_DELAY· 573

SHELL_COMMIT_REDELAY· 573

SHELL_COMMIT_ROLLBACK· 573

SHELL_COMMIT_ROLLBACKDONE· 574

SHELL_COMMIT_ROLLBACKFAILED·· 574

SHELL_COMMIT_WILLROLLBACK· 574

SHELL_CRITICAL_CMDFAIL· 575

SHELL_LOGIN·· 575

SHELL_LOGOUT· 575

SLSP messages· 575

SLSP_LABEL_DUPLICATE· 576

SMLK messages· 576

SMLK_LINK_SWITCH·· 576

SNMP messages· 576

SNMP_ACL_RESTRICTION·· 577

SNMP_AUTHENTICATION_FAILURE· 577

SNMP_GET· 577

SNMP_NOTIFY· 578

SNMP_SET· 578

SNMP_USM_NOTINTIMEWINDOW·· 579

SSHC messages· 579

SSHC_ALGORITHM_MISMATCH·· 579

SSHS messages· 579

SSHS_ACL_DENY· 580

SSHS_ALGORITHM_MISMATCH·· 580

SSHS_AUTH_EXCEED_RETRY_TIMES· 580

SSHS_AUTH_FAIL· 581

SSHS_AUTH_TIMEOUT· 581

SSHS_CONNECT· 581

SSHS_DECRYPT_FAIL· 582

SSHS_DISCONNECT· 582

SSHS_ENCRYPT_FAIL· 582

SSHS_LOG·· 583

SSHS_MAC_ERROR·· 583

SSHS_REACH_SESSION_LIMIT· 583

SSHS_REACH_USER_LIMIT· 584

SSHS_SCP_OPER·· 584

SSHS_SFTP_OPER·· 585

SSHS_SRV_UNAVAILABLE· 585

SSHS_VERSION_MISMATCH·· 585

STAMGR messages· 586

STAMGR_ADD_FAILVLAN·· 586

STAMGR_ADDBAC_INFO·· 586

STAMGR_ADDSTA_INFO·· 586

STAMGR_AUTHORACL_FAILURE· 587

STAMGR_AUTHORUSERPROFILE_FAILURE· 588

STAMGR_BSS_FAILURE· 588

STAMGR_CLIENT_FAILURE· 589

STAMGR_CLIENT_OFFLINE· 594

STAMGR_CLIENT_ONLINE· 597

STAMGR_CLIENT_SNOOPING·· 598

STAMGR_DELBAC_INFO·· 598

STAMGR_DELSTA_INFO·· 598

STAMGR_MACA_LOGIN_FAILURE· 599

STAMGR_MACA_LOGIN_SUCC·· 600

STAMGR_MACA_LOGOFF· 601

STAMGR_ROAM_FAILED·· 602

STAMGR_ROAM_SUCCESS· 603

STAMGR_SERVICE_FAILURE· 603

STAMGR_SERVICE_OFF· 607

STAMGR_SERVICE_ON·· 608

STAMGR_STA_ADDMOB_LKUP_ENDOFIOCTL· 608

STAMGR_STAIPCHANGE_INFO·· 609

STAMGR_TRIGGER_IP· 609

STM messages· 609

STM_AUTO_UPDATE_FAILED·· 610

STM_AUTO_UPDATE_FAILED·· 611

STM_AUTO_UPDATE_FINISHED·· 611

STM_AUTO_UPDATE_FINISHED·· 612

STM_AUTO_UPDATING·· 612

STM_AUTO_UPDATING·· 612

STM_LINK_DOWN·· 613

STM_LINK_TIMEOUT· 613

STM_LINK_UP· 613

STM_MERGE· 613

STM_MERGE_NEED_REBOOT· 614

STM_MERGE_NOT_NEED_REBOOT· 614

STM_SAMEMAC·· 614

STM_SOMER_CHECK· 615

STP messages· 615

STP_BPDU_PROTECTION·· 615

STP_BPDU_RECEIVE_EXPIRY· 615

STP_CONSISTENCY_RESTORATION·· 616

STP_DETECTED_TC·· 616

STP_DISABLE· 616

STP_DISCARDING·· 617

STP_ENABLE· 617

STP_FORWARDING·· 617

STP_LOOP_PROTECTION·· 618

STP_NOT_ROOT· 618

STP_NOTIFIED_TC·· 618

STP_PORT_TYPE_INCONSISTENCY· 619

STP_PVID_INCONSISTENCY· 619

STP_PVST_BPDU_PROTECTION·· 619

STP_ROOT_PROTECTION·· 620

SYSEVENT· 620

EVENT_TIMEOUT· 620

SYSLOG messages· 621

ENCODING·· 621

SYSLOG_LOGFILE_FULL· 621

SYSLOG_RESTART· 621

TACACS messages· 622

TACACS_AUTH_FAILURE· 622

TACACS_AUTH_SUCCESS· 622

TACACS_DELETE_HOST_FAIL· 622

TELNETD messages· 622

TELNETD_ACL_DENY· 623

TELNETD_REACH_SESSION_LIMIT· 623

UFLT messages· 623

UFLT_MATCH_IPV4_LOG (syslog) 624

UFLT_MATCH_IPV6_LOG (syslog) 625

UFLT_NOT MATCH_IPV4_LOG (syslog) 626

UFLT_NOT MATCH_IPV6_LOG (syslog) 627

UFLT_MATCH_IPv4_LOG (fast log) 628

UFLT_MATCH_IPv6_LOG (fast log) 629

UFLT_NOT_MATCH_IPv4_LOG (fast log) 630

UFLT_NOT_MATCH_IPv6_LOG (fast log) 631

UFLT_WARNING·· 632

UFLT_WARNING·· 632

VLAN messages· 632

VLAN_FAILED·· 632

VLAN_VLANMAPPING_FAILED·· 633

VLAN_VLANTRANSPARENT_FAILED·· 633

WEB messages· 633

LOGIN·· 633

LOGIN_FAILED·· 634

LOGOUT· 634

WFF messages· 634

WFF_HARDWARE_INIT_FAILED·· 634

WFF_HARDWARE_IPC_FAILED·· 635

WFF_HARDWARE_LOOPBACK_FAILED·· 635

WFF_HARDWARE_PCIE_FAILED·· 635

WIPS messages· 635

APFLOOD·· 636

AP_CHANNEL_CHANGE· 636

ASSOCIATEOVERFLOW·· 636

WIPS_DOS· 637

WIPS_FLOOD·· 637

HONEYPOT· 638

HTGREENMODE· 638

WIPS_MALF· 639

MAN_IN_MIDDLE· 639

WIPS_ROGUE· 640

WIPS_SPOOF· 640

WIPS_UNAUTH·· 640

WIPS_WEAKIV· 641

WIRELESSBRIDGE· 641

WLANAUD messages· 641

WLANAUD_CLIENT_ONLINE· 642

WMESH messages· 642

MESH_ACTIVELINK_SWITCH·· 643

MESH_LINKDOWN·· 644

MESH_LINKUP· 645

MESH_REVOPEN_MAC·· 645

WRDC messages· 645

WRDC_USER_DELETE· 646

WRDC_USER_OFFLINE· 646

WRDC_USER_ONLINE· 647

WRDC_USER_ROAM·· 647

WSA messages· 647

WSA_DEVICE· 648

 


AAA messages

This section contains AAA messages.

AAA_FAILURE

Message text

-AAAType=[STRING]-AAADomain=[STRING]-Service=[STRING]-UserName=[STRING]; AAA failed.

Variable fields

$1: AAA type.

$2: AAA scheme.

$3: Service.

$4: Username.

Severity level

5

Example

AAA/5/AAA_FAILURE: -AAAType=AUTHOR-AAADomain=domain1-Service=login-UserName=cwf@system; AAA failed.

Explanation

An AAA request was rejected.

The following are the common reasons:

·     No response was received from the server.

·     The username or password was incorrect.

·     The service type that the user applied for was incorrect.

Recommended action

1.     Verify that the device is correctly connected to the server.

2.     Enter the correct username and password.

3.     Verify that the server settings are the same as the settings on the device.

4.     If the problem persists, contact H3C Support.

 

AAA_LAUNCH

Message text

-AAAType=[STRING]-AAADomain=[STRING]-Service=[STRING]-UserName=[STRING]; AAA launched.

Variable fields

$1: AAA type.

$2: AAA scheme.

$3: Service.

$4: Username.

Severity level

6

Example

AAA/6/AAA_LAUNCH: -AAAType=AUTHEN-AAADomain=domain1-Service=login-UserName=cwf@system; AAA launched.

Explanation

An AAA request was received.

Recommended action

No action is required.

 

AAA_SUCCESS

Message text

-AAAType=[STRING]-AAADomain=[STRING]-Service=[STRING]-UserName=[STRING]; AAA succeeded.

Variable fields

$1: AAA type.

$2: AAA scheme.

$3: Service.

$4: Username.

Severity level

6

Example

AAA/6/AAA_SUCCESS: -AAAType=AUTHOR-AAADomain=domain1-Service=login-UserName=cwf@system; AAA succeeded.

Explanation

An AAA request was accepted.

Recommended action

No action is required.

 

ACL messages

This section contains ACL messages.

ACL_ACCELERATE_NO_RES

Message text

Failed to accelerate [STRING] ACL [UINT32]. The resources are insufficient.

Variable fields

$1: ACL type.

$2: ACL number.

Severity level

4

Example

ACL/4/ACL_ACCELERATE_NO_RES: Failed to accelerate IPv6 ACL 2001. The resources are insufficient.

Explanation

Hardware resources were insufficient for accelerating an ACL.

Recommended action

Delete some rules or disabled ACL acceleration for other ACLs to release hardware resources.

 

ACL_ACCELERATE_NONCONTIGUOUSMASK

Message text

Failed to accelerate ACL [UINT32]. ACL acceleration supports only contiguous wildcard masks.

Variable fields

$1: ACL number.

Severity level

4

Example

ACL/4/ACL_ACCELERATE_NONCONTIGUOUSMASK: Failed to accelerate ACL 2001. ACL acceleration supports only contiguous wildcard masks.

Explanation

ACL acceleration failed because rules containing noncontiguous wildcard masks exist in the ACL.

Recommended action

Check the ACL rules and delete the unsupported configuration.

 

ACL_ACCELERATE_NOT_SUPPORT

Message text

Failed to accelerate [STRING] ACL [UINT32]. The operation is not supported.

Variable fields

$1: ACL type.

$2: ACL number.

Severity level

4

Example

ACL/4/ACL_ACCELERATE_NOT_SUPPORT: Failed to accelerate IPv6 ACL 2001. The operation is not supported.

Explanation

ACL acceleration failed because the system does not support ACL acceleration.

Recommended action

No action is required.

 

ACL_ACCELERATE_NOT_SUPPORTHOPBYHOP

Message text

Failed to accelerate IPv6 ACL [UINT32]. ACL acceleration does not support the rules that contain the hop-by-hop keywords.

Variable fields

$1: ACL number.

Severity level

4

Example

ACL/4/ACL_ACCELERATE_NOT_SUPPORTHOPBYHOP: Failed to accelerate IPv6 ACL 2001. ACL acceleration does not support the rules that contain the hop-by-hop keywords.

Explanation

ACL acceleration failed for the IPv6 ACL because rules containing the hop-by-hop keyword exist in the ACL.

Recommended action

Check the ACL rules and delete the unsupported configuration.

 

ACL_ACCELERATE_NOT_SUPPORTMULTITCPFLAG

Message text

Failed to accelerate IPv6 ACL [UINT32]. ACL acceleration does not support specifying multiple TCP flags in one rule.

Variable fields

$1: ACL number.

Severity level

4

Example

ACL/4/ACL_ACCELERATE_NOT_SUPPORTMULTITCPFLAG: Failed to accelerate IPv6 ACL 2001. ACL acceleration does not support specifying multiple TCP flags in one rule.

Explanation

ACL acceleration failed for the IPv6 ACL because rules containing multiple TCP flags exist in the ACL.

Recommended action

Check the ACL rules and delete the unsupported configuration.

 

ACL_ACCELERATE_UNK_ERR

Message text

Failed to accelerate [STRING] ACL [UINT32].

Variable fields

$1: ACL type.

$2: ACL number.

Severity level

4

Example

ACL/4/ACL_ACCELERATE_UNK_ERR: Failed to accelerate IPv6 ACL 2001.

Explanation

ACL acceleration failed because of an unknown error.

Recommended action

No action is required.

 

ACL_DYNRULE_COMMENT

Message text

The comment of [STRING], which was generated dynamically, can't be added or deleted manually.

Variable fields

$1: Dynamic ACL rule information.

Severity level

6

Example

ACL/6/ACL_DYNRULE_COMMENT: The comment of IPv4 ACL 3000 rule 1, which was generated dynamically, can't be added or deleted manually.

Explanation

The comment of a dynamic ACL rule can't be added or deleted manually.

Recommended action

No action is required.

 

ACL_DYNRULE_MDF

Message text

[STRING], which was generated dynamically, was deleted or modified manually.

Variable fields

$1: Dynamic ACL rule information.

Severity level

5

Example

ACL/5/ACL_DYNRULE_MDF: IPv4 ACL 3000 rule 1, which was generated dynamically, was deleted or modified manually.

Explanation

A dynamic ACL rule was deleted or modified manually.

Recommended action

Make sure deleting or modifying the dynamic ACL rule does not affect ongoing services on the network.

 

ACL_IPV6_STATIS_INFO

Message text

IPv6 ACL [UINT32] [STRING] [UINT64] packet(s).

Variable fields

$1: ACL number.

$2: ID and content of an IPv6 ACL rule.

$3: Number of packets that matched the rule.

Severity level

6

Example

ACL/6/ACL_IPV6_STATIS_INFO: IPv6 ACL 2000 rule 0 permit source 1:1::/64 logging 1000 packet(s).

Explanation

The number of packets matching the IPv6 ACL rule changed.

Recommended action

No action is required.

 

ACL_NO_MEM

Message text

Failed to configure [STRING] ACL [UINT] due to lack of memory.

Variable fields

$1: ACL type.

$2: ACL number.

Severity level

3

Example

ACL/3/ACL_NO_MEM: Failed to configure ACL 2001 due to lack of memory.

Explanation

Configuring the ACL failed because memory is insufficient.

Recommended action

Use the display memory-threshold command to check the memory usage.

 

ACL_RULE_REACH_MAXNUM

Message text

The maximum number of rules in [STRING] ACL [UNIT32] already reached.

Variable fields

$1: ACL type.

$2: ACL number.

Severity level

5

Example

ACL/5/ACL_RULE_REACH_MAXNUM:The maximum number of rules in IPv4 ACL 3000 already reached.

Explanation

A dynamic ACL rule failed to be added because the maximum number of rules in the ACL already reached.

Recommended action

Delete unused ACL rules.

 

ACL_RULE_SUBID_EXCEED

Message text

The rule ID in [STRING] ACL [UNIT32] is out of range.

Variable fields

$1: ACL type.

$2: ACL number.

Severity level

5

Example

ACL/5/ ACL_RULE_SUBID_EXCEED: The rule ID in IPv4 ACL 3000 is out of range.

Explanation

A dynamic ACL rule failed to be added because the rule ID is out of range.

Recommended action

Modify the rule numbering step for the ACL.

 

ACL_STATIS_INFO

Message text

ACL [UINT32] [STRING] [UINT64] packet(s).

Variable fields

$1: ACL number.

$2: ID and content of an IPv4 ACL rule.

$3: Number of packets that matched the rule.

Severity level

6

Example

ACL/6/ACL_STATIS_INFO: ACL 2000 rule 0 permit source 1.1.1.1 0 logging 10000 packet(s).

Explanation

The number of packets matching the IPv4 ACL rule changed.

Recommended action

No action is required.

 

 

ANCP messages

This section contains ANCP messages.

ANCP_INVALID_PACKET

Message text

-NeighborName=[STRING]-State=[STRING]-MessageType=[STRING]; The [STRING] value [STRING] is wrong, and the value [STRING] is expected.

Variable fields

$1: ANCP neighbor name.

$2: Neighbor state.

$3: Message type.

$4: Field.

$5: Wrong value of the field.

$6: Expected value of the field.

Severity level

6

Example

ANCP/6/ANCP_INVALID_PACKET: -NeighborName=Dslam-State=SYNSENT-MessageType=SYNACK; The Sender Instance value 0 is wrong, and the value 1 is expected.

Explanation

The system received an adjacency message that had a field with a wrong value.

Recommended action

No action is required.

 

 

ANTIVIRUS messages

This section contains antivirus messages.

ANTIVIRUS_IPV4_INTERZONE

Message text

Protocol(1001)=[STRING];Application(1002)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];RcvVPNInstance(1042)=[STRING];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];VirusName(1085)=[STRING];VirusID(1086)=[UINT32];Severity(1087)=[STRING];Action(1053)=[STRING];HitDirection(1115)=[STRING];RealSrcIP(1100)=[STRING];

Variable fields

$1: Protocol type.

$2: Application layer protocol name.

$3: Source IPv4 address.

$4: Source port number.

$5: Destination IPv4 address.

$6: Destination port number.

$7: Receiving VPN instance.

$8: Source security zone name.

$9: Destination security zone name.

$10: Username.

$11: Policy name.

$12: Virus name.

$13: Virus ID.

$14: Severity level:

¡     LOW.

¡     MEDIUM.

¡     HIGH.

¡     CRITICAL.

$15: Action:

¡     Reset & Logging.

¡     Permit & Logging.

¡     Redirect & Logging.

$16: Direction of matching packets:

¡     original.

¡     reply.

$17: Actual source IPv4 address.

Severity level

4

Example

ANTI-VIR/4/ANTIVIRUS_IPV4_INTERZONE:-Context=1;Protocol(1001)=TCP;Application(1002)=http;SrcIPAddr(1003)=100.10.10.40;SrcPort(1004)=56690;DstIPAddr(1007)=200.10.10.40;DstPort(1008)=80;RcvVPNInstance(1042)=;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=abc;PolicyName(1079)=av;VirusName(1085)=MODIFIED-EICAR-Test-File;VirusID(1086)=95;Severity(1087)=MEDIUM;Action(1053)=Reset & Logging;HitDirection(1115)=original;RealSrcIP(1100)=10.10.10.10,20.20.20.20;

Explanation

This message is sent when an IPv4 packet matches a virus signature.

Recommended action

No action is required.

 

ANTIVIRUS_IPV6_INTERZONE

Message text

Protocol(1001)=[STRING];Application(1002)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];RcvVPNInstance(1042)=-[STRING];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];VirusName(1085)=[STRING];VirusID(1086)=[UINT32];Severity(1087)=[STRING];Action(1053)=[STRING];HitDirection(1115)=[STRING];RealSrcIP(1100)=[STRING];

Variable fields

$1: Protocol type.

$2: Application layer protocol name.

$3: Source IPv6 address.

$4: Source port number.

$5: Destination IPv6 address.

$6: Destination port number.

$7: Receiving VPN instance.

$8: Source security zone name.

$9: Destination security zone name.

$10: Username.

$11: Policy name.

$12: Virus name.

$13: Virus ID.

$14: Severity level:

¡     LOW.

¡     MEDIUM.

¡     HIGH.

¡     CRITICAL.

$15: Action:

¡     Reset & Logging.

¡     Permit & Logging.

¡     Redirect & Logging.

$16: Direction of matching packets:

¡     original.

¡     reply.

$17: Actual source IPv6 address.

Severity level

4

Example

ANTI-VIR/4/ANTIVIRUS_IPV6_INTERZONE:-Context=1;Protocol(1001)=TCP;Application(1002)=http;SrcIPv6Addr(1036)=100::40;SrcPort(1004)=56690;DstIPv6Addr(1037)=200::40;DstPort(1008)=80;RcvVPNInstance(1042)=;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=aaa;PolicyName(1079)=av;VirusName(1085)=MODIFIED-EICAR-Test-File;VirusID(1086)=95;Severity(1087)=MEDIUM;Action(1053)=Reset & Logging;HitDirection(1115)=original;RealSrcIP(1100)=10::1;

Explanation

This message is sent when an IPv6 packet matches a virus signature.

Recommended action

No action is required.

 

ANTIVIRUS_WARNING

Message text

Updated the antivirus signature library successfully.

Variable fields

N/A

Severity level

4

Example

ANTI-VIR/4/ANTIVIRUS_WARNING: -Context=1; Updated the antivirus signature library successfully.

Explanation

This message is sent when the antivirus signature library is immediately or locally updated.

Recommended action

No action is required.

 

ANTIVIRUS_WARNING

Message text

Rolled back the antivirus signature library successfully.

Variable fields

N/A

Severity level

4

Example

ANTI-VIR/4/ANTIVIRUS_WARNING: -Context=1; Rolled back the antivirus signature library successfully.

Explanation

This message is sent when the antivirus signature library is rolled back to the previous version or the factory version.

Recommended action

No action is required.

 

ANTIVIRUS_WARNING

Message text

Failed to update the antivirus signature library because no valid license was found for the antivirus feature.

Variable fields

N/A

Severity level

4

Example

ANTI-VIR/4/ANTIVIRUS_WARNING: -Context=1; Failed to update the antivirus signature library because no valid license was found for the antivirus feature.

Explanation

This message is sent when one of the following antivirus signature library upgrade failure occurs:

·     Web-based or CLI-based immediate upgrade failed because no valid license is found.

·     Web-based local upgrade failed because no valid license is found.

Recommended action

No action is required.

 

 

APMGR messages

This section contains access point management messages.

AP_CREATE_FAILURE

Message text

Failed to create an AP with entity ID [UINT32] and model [STRING]. Reason: Region code is not available.

Variable fields

$1: AP ID.

$2: AP model.

Severity level

6

Example

APMGR/6/AP_CREATE_FAILURE: Failed to create an AP with entity ID 1 and model WA2620i-AGN. Reason: Region code is not available.

Explanation

The system fails to create an AP because the AP is not specified with a region code.

Recommended action

Specify a region code in global configuration view.

 

AP_REBOOT_REASON

Message text

AP in Run state is rebooting. Reason: The physical status of the radio is down.

Variable fields

N/A

Severity level

6

Example

APMGR/6/AP_REBOOT_REASON: AP in Run state is rebooting. Reason: The physical status of the radio is down.

Explanation

The AP is rebooting because a physical radio interface of the AP is in down state.

Recommended action

Verify that radio configurations on the AP are correct after the reboot.

 

APMGR_ADDBAC_INFO

Message text

Add BAS AC [STRING].

Variable fields

$1: MAC address of the BAS AC.

Severity level

6

Example

APMGR/6/APMGR_ADDBAC_INFO: Add BAS AC 3ce5-a616-28cd.

Explanation

The BAS AC was connected to the master AC.

Recommended action

No action is required.

 

APMGR_AP_CFG_FAILED

Message text

Failed to reset AP [STRING]. Reason: The AP is writing an image file into the flash.

Variable fields

$1: AP name.

Severity level

4

Example

APMGR/4/APMGR_CFG_FAILD: Failed to reset AP ap2. Reason: The AP is writing an image file into the flash.

Explanation

AP reset failed because the AP is writing an image file into the flash.

Recommended action

Restart the AP after the AP finishes writing an image file into the flash.

 

APMGR_AP_ONLINE

Message text

The AP failed to come online in discovery stage. Reason: AP model [$1] is not supported.

Variable fields

$1: AP model.

Severity level

6

Example

APMGR/6/APMGR_AP_ONLINE: The AP failed to come online in discovery stage. Reason: AP model wa2620i-AGN is not supported.

Explanation

The AP fails to come online because its model is not supported by the AC and the AC cannot receive discovery requests from the AP.

Recommended action

No action is required.

 

APMGR_DELBAC_INFO

Message text

Delete BAS AC [STRING].

Variable fields

$1: MAC address of the BAS AC.

Severity level

6

Example

APMGR/6/APMGR_DELBAC_INFO: Delete BAS AC 3ce5-a616-28cd.

Explanation

The BAS AC was disconnected from the master AC.

Recommended action

No action is required.

 

APMGR_LOG_ADD_AP_FAIL

Message text

AP [STRING] failed to come online using serial ID [STRING]: MAC address [STRING] is being used by AP [STRING].

Variable fields

$1: AP name.

$2: Serial ID.

$3: MAC address.

$4: AP name.

Severity level

4

Example

APMGR/4/APMGR_LOG_ADD_AP_FAIL: AP ap1 failed to come online using serial ID 01247ef96: MAC address 0023-7961-5201 is being used by AP ap2.

Explanation

The AP failed to come online because a manual AP that has the same MAC address already exists on the AC.

Recommended action

Delete either the manual AP that has the MAC address or the serial ID.

 

APMGR_LOG_LACOFFLINE

Message text

Local AC [STRING] went offline. State changed to Idle.

Variable fields

$1: Name of the local AC.

Severity level

6

Example

APMGR/6/APMGR_LOG_LACOFFLINE: Local AC ac1 went offline. State changed to Idle.

Explanation

The local AC went offline. The state of the local AC changed to Idle.

Recommended action

1.     If the local AC went offline abnormally, check the debugging information to locate the problem and resolve it.

2.     If the problem persists, contact H3C Support.

 

APMGR_LOG_LACONLINE

Message text

Local AC [STRING] went online. State changed to Run.

Variable fields

$1: Name of the local AC.

Severity level

6

Example

APMGR/6/APMGR_LOG_LACONLINE: Local AC ac1 went online. State changed to Run..

Explanation

The local AC came online. The state of the local AC changed to Run.

Recommended action

No action is required.

 

APMGR_LOG_MEMALERT

Message text

The memory usage of the AC has reached the threshold.

Variable fields

N/A

Severity level

4

Example

APMGR/4/APMGR_LOG_MEMALERT: The memory usage of the AC has reached the threshold.

Explanation

The AP failed to come online because the memory utilization exceeded the limit.

Recommended action

Stop creating manual APs and prevent APs from coming online.

 

APMGR_LOG_NOLICENSE

Message text

AP failed to come online in [STRING]. Reason: No license for the [STRING].

Variable fields

$1: AP state:

·     discover.

·     join.

$2: AP type:

·     common AP.

·     WTU AP.

Severity level

6

Example

APMGR/6/APMGR_LOG_NOLICENSE: AP failed to come online in discover. Reason: No license for the common AP.

Explanation

The AP failed to come online because the number of APs allowed by the license on the AC has reached the upper limit.

Recommended action

Purchase an upgrade license for AP number extension.

 

APMGR_LOG_OFFLINE

Message text

AP [STRING] went offline. State changed to Idle.

Variable fields

$1: AP name.

Severity level

6

Example

APMGR/6/APMGR_LOG_OFFLINE: AP ap1 went offline. State changed to Idle.

Explanation

The AP went offline. The state of the AP changed to Idle.

Recommended action

If the AP went offline abnormally, check the debugging information to locate the problem and resolve it.

 

APMGR_LOG_ONLINE

Message text

AP [STRING] came online. State changed to Run.

Variable fields

$1: AP name.

Severity level

6

Example

APMGR/6/APMGR_LOG_ONLINE: AP ap1 came online. State changed to Run.

Explanation

The AP came online. The state of the AP changed to Run.

Recommended action

No action is required.

 

APMGR_LOG_ONLINE_FAILED

Message text

[STRING] ([STRING]) failed to come online in join state. Reason: [STRING] ([STRING]) was offline.

Variable fields

$1: Name of a WTU or WAP.

$2: Serial ID of a WTU or WAP.

$3: Name of the connected WT or SPM.

$4: Serial ID of the connected WT or SPM.

Severity level

6

Example

·     APMGR/6/APMGR_AP_ONLINE_FAILED: WTU (219801A0WA916BQ12535) failed to come online in join state. Reason: WT (219801A11UC173000153) was offline.

·     APMGR/6/APMGR_AP_ONLINE_FAILED: WAP (219801A0VW916AG00254) failed to come online in join state. Reason: SPM (219801A13DB05B0004350) was offline.

Explanation

·     The WTU cannot come online because its connected WT is offline.

·     The WAP cannot come online because its connected SPM is offline.

Recommended action

Make the WT or SPM come online.

 

APMGR_REACH_MAX_APNUMBER

Message text

An AP failed to come online: Maximum number of APs already reached.

Variable fields

N/A

Severity level

4

Example

APMGR/4/APMGR_REACH_MAX_APNEMBER: An AP failed to come online: Maximum number of APs already reached.

Explanation

An AP failed to come online because the number of APs on the AC already reached the upper limit.

Recommended action

No action is required.

 

APMGR_SWAC_DRV_FAILED

Message text

Failed to install WLAN feature package. Reason: Insufficient hardware resources.

Variable fields

N/A

Severity level

3

Example

APMGR/3/SWAC_DRV_FAILED: Failed to install WLAN feature package. Reason: Insufficient hardware resources.

Explanation

The system failed to install the WLAN feature package because of insufficient hardware resources.

Recommended action

To resolve the problem:

1.     Uninstall the WLAN feature package.

2.     Locate the reason that causes hardware resource exhaustion and remove the issue.

3.     Reinstall the WLAN feature package.

4.     If the problem persists, contact H3C Support.

 

CWC_AP_DOWN

Message text

CAPWAP tunnel to AC [STRING] went down. Reason: [STRING].

Variable fields

$1: AC IP address.

$2: Reason:

·     Added AP IP address.

·     Deleted AP IP address.

·     AP interface used for CAPWAP tunnel went down.

·     AP config changed.

·     AP was reset.

·     Number of echo retransmission attempts exceeded the limit.

·     No license for the AP.

·     Full retransmission queue.

·     Data channel timer expired.

·     Backup AC IP address changed.

·     Backup tunnel changed to master tunnel.

·     Failed to change backup tunnel to master tunnel.

·     Backup method changed.

·     N/A.

Severity level

6

Example

CWC/6/CWC_AP_DOWN: CAPWAP tunnel to AC 192.168.10.1 went down. Reason: AP was reset.

Explanation

The CAPWAP tunnel between the AP and the AC was terminated for a specific reason.

Recommended action

Examine the network connection between the AP and the AC.

 

CWC_AP_UP

Message text

[STRING] CAPWAP tunnel to AC [STRING] went up.

Variable fields

$1: Tunnel type:

·     Master.

·     Backup.

$2: AC IP address.

Severity level

6

Example

CWC/6/CWC_AP_UP: Master CAPWAP tunnel to AC 192.168.10.1 went up.

Explanation

The AP was connected to the AC successfully and entered Run state.

Recommended action

No action is required.

 

CWC_AP_REBOOT

Message text

AP in state [STRING] is rebooting. Reason: [STRING]

Variable fields

$1: AP state.

$2: Reason:

·     Image was downloaded successfully.

·     Reset by admin.

·     Reset by CloudTunnel,

·     Reset on cloud,

·     The radio status was incorrect,

·     WT was offline,

·     Stayed in idle state for a long time.

Severity level

6

Example

CWC/6/CWC_AP_REBOOT: AP in State Run is rebooting. Reason: Reset by admin.

Explanation

The AP rebooted for a specific reason.

Recommended action

No action is required.

 

CWC_IMG_DOWNLOAD_COMPLETE

Message text

System software image file [STRING] downloading through the CAPWAP tunnel to AC [STRING] completed.

Variable fields

$1: Image file name.

$2: AC IP address.

Severity level

6

Example

CWC/6/CWC_IMG_DOWNLOAD_COMPLETE: System software image file 5800.ipe downloading through the CAPWAP tunnel to AC 192.168.10.1 completed.

Explanation

The AP downloaded the image file from the AC successfully.

Recommended action

No action is required.

 

CWS_IMG_DOWNLOAD_FAILED

Message text

Failed to download image file [STRING1] for [STRING2] [STRING3].

Variable fields

$1: Image file name.

$2: AP or local AC.

$3: Name of the AP or local AC.

Severity level

6

Example

CWS/6/CWS_IMG_DOWNLOAD_FAILED: Failed to download image file wa4300.ipe for AP ap1.

Explanation

The AP or the local AC failed to download the image file from the AC.

Recommended action

No action is required.

 

CWC_IMG_DOWNLOAD_START

Message text

Started to download the system software image file [STRING] through the CAPWAP tunnel to AC [STRING].

Variable fields

$1: Image file name.

$2: AC IP address.

Severity level

6

Example

CWC/6/CWC_IMG_DOWNLOAD_START: Started to download the system software image file 5800.ipe through the CAPWAP tunnel to AC 192.168.10.1.

Explanation

The AP started to download the image file from the AC.

Recommended action

Make sure the AP is correctly connected to the AC.

 

CWC_IMG_NO_ENOUGH_SPACE

Message text

Insufficient flash memory space for downloading system software image file [STRING].

Variable fields

$1: Image file name.

Severity level

6

Example

CWC/6/CWC_IMG_NO_ENOUGH_SPACE: Insufficient flash memory space for downloading system software image file 5800.ipe.

Explanation

The AP failed to download the image file from the AC because of insufficient flash memory.

Recommended action

Delete files not in use from the AP.

 

CWC_LOCALAC_DOWN

Message text

CAPWAP tunnel to Central AC [STRING] went down. Reason: [STRING].

Variable fields

$1: IP address of the central AC.

$2: Reason:

·     Added local AC IP address.

·     Deleted local AC IP address.

·     Local AC interface used for CAPWAP tunnel went down.

·     Local AC config changed.

·     N/A

Severity level

4

Example

CWC/4/CWC_LOCALAC_DOWN: CAPWAP tunnel to Central AC 2.2.2.1 went down. Reason: Local AC config changed.

Explanation

The CAPWAP tunnel between the central AC and the local AC was terminated for a specific reason.

Recommended action

To resolve the problem:

1.     Examine the network connection between the central AC and the local AC.

2.     Verify that the central AC is correctly configured.

3.     Verify that the local AC is correctly configured.

4.     If the problem persists, contact H3C Support.

 

CWC_LOCALAC_UP

Message text

CAPWAP tunnel to Central AC [STRING] went up.

Variable fields

$1: IP address of the central AC.

Severity level

6

Example

CWC/6/CWC_LOCALAC_UP: CAPWAP tunnel to Central AC 2.2.2.1 went up.

Explanation

The central AC has established a CAPWAP tunnel with the local AC.

Recommended action

No action is required.

 

CWC_RUN_DOWNLOAD_COMPLETE

Message text

File [STRING] successfully downloaded through the CAPWAP tunnel to AC [STRING].

Variable fields

$1: File name.

$2: AC IP address.

Severity level

6

Example

CWC/6/CWC_RUN_DOWNLOAD_COMPLETE: File ac.cfg successfully downloaded through the CAPWAP tunnel to AC 192.168.10.1.

Explanation

The AP downloaded the file from the AC successfully.

Recommended action

No action is required.

 

CWC_RUN_DOWNLOAD_START

Message text

Started to download the file [STRING] through the CAPWAP tunnel to AC [STRING].

Variable fields

$1: File name.

$2: AC IP address.

Severity level

6

Example

CWC/6/CWC_RUN_DOWNLOAD_START: Started to download the file ac.cfg through the CAPWAP tunnel to AC 192.168.10.1.

Explanation

The AP started to download the file from the AC.

Recommended action

Make sure the AP is correctly connected to the AC.

 

CWC_RUN_NO_ENOUGH_SPACE

Message text

Insufficient flash memory space for downloading file [STRING].

Variable fields

$1: File name.

Severity level

6

Example

CWC/6/CWC_RUN_NO_ENOUGH_SPACE: Insufficient flash memory space for downloading file ac.cfg.

Explanation

The AP failed to download the file from the AC because of insufficient flash memory.

Recommended action

Delete files not in use from the AP.

 

CWS_AP_DOWN

Message text

CAPWAP tunnel to AP [STRING] went down. Reason: [STRING].

Variable fields

$1: AP name.

$2: Reason:

·     Neighbor dead timer expired.

·     AP was reset by admin.

·     AP was reset by CloudTunnel.

·     AP was reset on cloud.

·     WT was offline.

·     AP was deleted.

·     Serial number changed.

·     Processed join request in Run state.

·     Failed to retransmit message.

·     Received WTP tunnel down event from AP.

·     Backup AC closed the backup tunnel.

·     Backup AP upgrade failed.

·     AC is inactive.

·     Tunnel switched.

·     N/A.

Severity level

6

Example

CWS/6/CWS_AP_DOWN: CAPWAP tunnel to AP ap1 went down. Reason: AP was reset by admin.

Explanation

The AP went offline for a specific reason.

Recommended action

To resolve the problem:

1.     Examine the network connection between the AP and the AC.

2.     Verify that the AP is correctly configured.

3.     Verify that the AC is correctly configured.

4.     If the problem persists, contact H3C Support.

 

CWS_AP_UP

Message text

[STRING] CAPWAP tunnel to AP [STRING] went up.

Variable fields

$1: Tunnel type:

·     Master.

·     Backup.

$2: AP name or serial ID.

Severity level

6

Example

CWS/6/CWS_AP_UP: Backup CAPWAP tunnel to AP ap1 went up.

Explanation

The AP came online and entered Run state.

Recommended action

No action is required.

 

CWS_IMG_DOWNLOAD_COMPLETE

Message text

System software image file [STRING] downloading through the CAPWAP tunnel for AP [STRING] completed.

Variable fields

$1: Image file name.

$2: AP name.

Severity level

6

Example

CWS/6/CWS_IMG_DOWNLOAD_COMPLETE: System software image file 5800.ipe downloading through the CAPWAP tunnel for AP ap2 completed.

Explanation

The AP downloaded the image file from the AC successfully.

Recommended action

No action is required.

 

CWS_IMG_DOWNLOAD_FAILED

Message text

Failed to download image file [STRING] for the AP. AC memory is not enough.

Variable fields

$1: Name of an image file.

Severity level

6

Example

CWS/6/CWS_IMG_DOWNLOAD_FAILED: Failed to download image file wa4300anchor.ipe for the AP. AC memory is not enough.

Explanation

The AP failed to download an image file from the AC because of insufficient AC memory.

Recommended action

No action is required.

 

CWS_IMG_DOWNLOAD_START

Message text

AP [STRING] started to download the system software image file [STRING].

Variable fields

$1: AP name.

$2: Image file name.

Severity level

6

Example

CWS/6/CWS_IMG_DOWNLOAD_START: AP ap1 started to download the system software image file 5800.ipe.

Explanation

The AP started to download the image file from the AC.

Recommended action

No action is required.

 

CWS_IMG_OPENFILE_FAILED

Message text

Failed to open the image file [STRING].

Variable fields

$1: Path of the image file to be downloaded to the AP.

Severity level

3

Example

CWS/3/CWS_IMG_OPENFILE_FAILED: Failed to open the image file slot1#cfa0:/wa5600.ipe.

Explanation

The AP failed to open the image file downloaded from the AC.

Recommended action

No action is required.

 

CWS_LOCALAC_DOWN

Message text

CAPWAP tunnel to local AC [STRING] went down. Reason: [STRING].

Variable fields

$1: IP address of the local AC.

$2: Reason:

·     Neighbor dead timer expired.

·     Local AC was deleted.

·     Serial number changed.

·     Processed join request in Run state.

·     Failed to retransmit message.

·     N/A

Severity level

4

Example

CWS/4/CWS_LOCALAC_DOWN: CAPWAP tunnel to local AC 1.1.1.1 went down. Reason: Local AC was deleted.

Explanation

The CAPWAP tunnel between the central AC and the local AC was terminated for a specific reason.

Recommended action

To resolve the problem:

1.     Examine the network connection between the central AC and the local AC.

2.     Verify that the central AC is correctly configured.

3.     Verify that the local AC is correctly configured.

4.     If the problem persists, contact H3C Support.

 

CWS_LOCALAC_UP

Message text

CAPWAP tunnel to local AC [STRING] went up.

Variable fields

$1: IP address of the local AC.

Severity level

6

Example

CWS/6/CWS_LOCALAC_UP: CAPWAP tunnel to local AC 1.1.1.1 went up.

Explanation

The central AC has established a CAPWAP tunnel with the local AC.

Recommended action

No action is required.

 

CWS_RUN_DOWNLOAD_COMPLETE

Message text

File [STRING] successfully downloaded through the CAPWAP tunnel for AP [STRING].

Variable fields

$1: File name.

$2: AP name.

Severity level

6

Example

CWS/6/CWS_RUN_DOWNLOAD_COMPLETE: File ac.cfg successfully downloaded through the CAPWAP tunnel for AP ap2.

Explanation

The AP downloaded the file from the AC successfully.

Recommended action

No action is required.

 

CWS_RUN_DOWNLOAD_START

Message text

AP [STRING] started to download the file [STRING].

Variable fields

$1: AP name.

$2: File name.

Severity level

6

Example

CWS/6/CWS_RUN_DOWNLOAD_START: AP ap1 started to download the file ac.cfg.

Explanation

The AP started to download the file from the AC.

Recommended action

No action is required.

 

RADIO

Message text

APMGR/6/RADIO: Current channel usage [UINT32] of radio [CHAR] on AP [STRING] exceeded the threshold.

Variable fields

$1: Current channel usage.

$2: Radio ID.

$3: AP name.

Severity level

6

Example

APMGR/6/RADIO: Current channel usage 63% of radio 2 on AP ap1 exceeded the threshold.

Explanation

The current channel usage on a radio has exceeded the channel usage threshold.

Recommended action

Execute the channel command to switch the working channel to a channel with low usage.

 

 

Application account extraction messages

This section contains application account extraction messages.

USER-NETLOG

Message text

Protocol(1001)= [STRING];SrcIPAddr(1003)= [IPADDR];SrcPort(1004)= [UINT16];DstIPAddr(1007)= [IPADDR];DstPort(1008)= [UINT16]; User(1098)=%s; Application(1002)= [STRING]; Account(1101)= [STRING].

Variable fields

$1: Protocol address.

$2: Source IP address.

$3: Source port number.

$4: Destination IP address.

$5: Destination port number.

$6: Username.

$7: Application name.

$8: User account.

Severity level

6

Example

UDPI/6/USER-NETLOG:-Chassis=1-Slot=5.1;Protocol(1001)=UDP;SrcIPAddr(1003)=22.1.1.2;SrcPort(1004)=0;DstIPAddr(1007)=21.1.1.2;DstPort(1008)=65297;User(1098)=22.1.1.2; Application(1002)=ZhenAiWang; Account(1101)=72753475.

Explanation

This message is generated when a packet matches application account characteristics.

Recommended action

None

 

 

Application audit and management messages

This section contains application audit and management messages.

AUDIT_RULE_MATCH_IM_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Content(1104)=[STRING],FileName(1097)=[STRING],FileSize(1105)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Content.

$15: File name.

$16: File size.

$17: Client type.

$18: Application software version.

$19: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_IM_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=QQ;Behavior(1101)=Login;BehaviorContent(1102)={Account(1103)=12345678,Content(1104)=test,FileName(1097)=text,FileSize(1105)=152389};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for an IM application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_MAIL_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Sender_addr(1106)=[STRING],Receiver_addr(1107)=[STRING],Subject(1108)=[STRING],Body(1109)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Sender.

$14: Receiver.

$15: Subject.

$16: Body.

$17: Client type.

$18: Application software version.

$19: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_MAIL_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=smtp;Behavior(1101)=SendMail;BehaviorContent(1102)={Sender_addr(1106)="wb"<wb@ubuntu.wb>,Receiver_addr(1107)=<wb@ubuntu.wb>,Subject(1108)=test,Body(1109)=abc};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for an email application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_FORUM_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Content(1104)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Content.

$15: Client type.

$16: Application software version.

$17: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_FORUM_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=SinaWeibo;Behavior(1101)=Comment;BehaviorContent(1102)={Account(1103)=hjk123456,Content(1104)=hello};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for a social networking application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_SEARCH_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Keyword(1095)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Keyword.

$14: Client type.

$15: Application software version.

$16: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_SEARCH_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=BaiduSearch;Behavior(1101)=Search;BehaviorContent(1102)={Keyword(1095)=12345678};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for a search engine application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_FILE_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],FileName(1097)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: File name

$15: Client type.

$16: Application software version.

$17: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_FILE_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=ftp;Behavior(1101)=UploadFile;BehaviorContent(1102)={Account(1103)=ghj123,FileName(1097)=abc.txt};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for a file transfer application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_AS_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Content(1104)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Content

$15: Client type.

$16: Application software version.

$17: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_AS_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=tonghuashun;Behavior(1101)=Login;BehaviorContent(1102)={Account(1103)=hjk123456,Content(1104)=hello};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for an entertainment or stock application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_OTHER_IPV4_LOG

Message text

Protocol(1001)=[STRING];SrcIPAddr(1003)=[IPADDR];SrcPort(1004)=[UINT16];DstIPAddr(1007)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Password(1112)=[STRING],Content(1104)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Password.

$15: Content.

$16: Client type.

$17: Application software version.

$18: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_OTHER_IPV4_LOG:Protocol(1001)=TCP;SrcIPAddr(1003)=1.2.3.4;SrcPort(1004)=8080;DstIPAddr(1007)=6.1.1.1;DstPort(1008)=8080;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=Telnet;Behavior(1101)=Download;BehaviorContent(1102)={Account(1103)=hjk123456,Password(1112)=hhh123,Content(1104)=hello};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv4 packet matches an audit rule for an unclassified application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_IM_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Content(1104)=[STRING],FileName(1097)=[STRING],FileSize(1105)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)= [STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv6 address.

$3: Source port number.

$4: Destination IPv6 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Content.

$15: File name.

$16: File size.

$17: Client type.

$18: Application software version.

$19: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_IM_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=QQ;Behavior(1101)=Login;BehaviorContent(1102)={Account(1103)=12345678,Content(1104)=test,FileName(1097)=text,FileSize(1105)=152389};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for an IM application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_MAIL_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Sender_addr(1106)=[STRING],Receiver_addr(1107)=[STRING],Subject(1108)=[STRING],Body(1109)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv6 address.

$3: Source port number.

$4: Destination IPv6 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Sender.

$14: Receiver.

$15: Subject.

$16: Body.

$17: Client type.

$18: Application software version.

$19: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_MAIL_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=smtp;Behavior(1101)=SendMail;BehaviorContent(1102)={Sender_addr(1106)="wb"<wb@ubuntu.wb>,Receiver_addr(1107)=<wb@ubuntu.wb>,Subject(1108)=test,Body(1109)=abc};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for an email application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_FORUM_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Content(1104)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv6 address.

$3: Source port number.

$4: Destination IPv6 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Content.

$15: Client type.

$16: Application software version.

$17: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_FORUM_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=SinaWeibo;Behavior(1101)=Comment;BehaviorContent(1102)={Account(1103)=hjk123456,Content(1104)=hello};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for a social networking application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_SEARCH_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Keyword(1095)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv4 address.

$3: Source port number.

$4: Destination IPv4 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Keyword.

$14: Client type.

$15: Application software version.

$16: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_SEARCH_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=BaiduSearch;Behavior(1101)=Search;BehaviorContent(1102)={Keyword(1095)=12345678};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for a search engine application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_FILE_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],FileName(1097)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv6 address.

$3: Source port number.

$4: Destination IPv6 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: File name

$15: Client type.

$16: Application software version.

$17: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_FILE_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=ftp;Behavior(1101)=UploadFile;BehaviorContent(1102)={Account(1103)=ghj123,FileName(1097)=abc.txt};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for a file transfer application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_AS_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcSrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Content(1104)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv6 address.

$3: Source port number.

$4: Destination IPv6 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Content

$15: Client type.

$16: Application software version.

$17: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_AS_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=tonghuashun;Behavior(1101)=Login;BehaviorContent(1102)={Account(1103)=hjk123456,Content(1104)=hello};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for an entertainment or stock application.

Recommended action

No action is required.

 

AUDIT_RULE_MATCH_OTHER_IPV6_LOG

Message text

Protocol(1001)=[STRING];SrcIPv6Addr(1036)=[IPADDR];SrcPort(1004)=[UINT16];DstIPv6Addr(1037)=[IPADDR];DstPort(1008)=[UINT16];SrcZoneName(1025)=[STRING];DstZoneName(1035)=[STRING];UserName(1113)=[STRING];PolicyName(1079)=[STRING];Application(1002)=[STRING];Behavior(1101)=[STRING];BehaviorContent(1102)={Account(1103)=[STRING],Password(1112)=[STRING],Content(1104)=[STRING]};Client(1110)=[STRING];SoftVersion(1111)=[STRING];Action(1053)=[STRING];

Variable fields

$1: Protocol type.

$2: Source IPv6 address.

$3: Source port number.

$4: Destination IPv6 address.

$5: Destination port number.

$6: Source security zone name.

$7: Destination security zone name.

$8: Username.

$9: Application audit and management policy name.

$10: Application name.

$11: Application behavior.

$12: Application behavior content.

$13: Account.

$14: Password.

$15: Content.

$16: Client type.

$17: Application software version.

$18: Action name: Permit or Deny.

Severity level

6

Example

AUDIT/6/AUDIT_RULE_MATCH_OTHER_IPV6_LOG:Protocol(1001)=TCP;SrcIPv6Addr(1036)=2001::2;SrcPort(1004)=51396;DstIPv6Addr(1037)=3001::2;DstPort(1008)=25;SrcZoneName(1025)=spf;DstZoneName(1035)=spf;UserName(1113)=hjp;PolicyName(1079)=policy1;Application(1002)=Telnet;Behavior(1101)=Download;BehaviorContent(1102)={Account(1103)=hjk123456,Password(1112)=hhh123,Content(1104)=hello};Client(1110)=PC;SoftVersion(1111)=;Action(1053)=Deny;

Explanation

This message is generated when an IPv6 packet matches an audit rule for an unclassified application.

Recommended action

No action is required.

 

 

APR messages

This section contains APR messages.

NBAR_WARNING

Message text

Updated the APR signature library successfully.

Variable fields

N/A

Severity level

4

Example

NBAR/4/NBAR_WARNING: -Context=1; Updated the APR signature library successfully.

Explanation

The APR signature library was updated successfully.

The device outputs this log message for one of the following conditions:

·     The triggered update operation succeeds.

·     The local update operation succeeds.

Recommended action

No action is required.

 

NBAR_WARNING

Message text

Rolled back the APR signature library successfully.

Variable fields

N/A

Severity level

4

Example

NBAR/4/NBAR_WARNING: -Context=1; Rolled back the APR signature library successfully.

Explanation

The APR signature library was rolled back successfully to the last version or the factory version.

Recommended action

No action is required.

 

NBAR_WARNING

Message text

Failed to update the APR signature library because no valid license was found for the NBAR feature.

Variable fields

N/A

Severity level

4

Example

NBAR/4/NBAR_WARNING: -Context=1; Failed to update the APR signature library because no valid license was found for the NBAR feature.

Explanation

The APR signature library update failed because no valid license was found for updating the APR signature library.

The device outputs this log message for one of the following conditions:

·     Failed to perform a triggered update operation.

·     Failed to perform a local update operation through the Web interface.

Recommended action

No action is required.

 

 

ARP messages

This section contains ARP messages.

ARP_ACTIVE_ACK_NO_REPLY

Message text

No ARP reply from IP [STRING] was received on interface [STRING].

Variable fields

$1: IP address.

$2: Interface name.

Severity level

6

Example

ARP/6/ARP_ACTIVE_ACK_NO_REPLY: No ARP reply from IP 192.168.10.1 was received on interface Ethernet0/1/0.

Explanation

The ARP active acknowledgement feature did not receive an ARP reply after it sent an ARP request to the sender IP of an ARP message.

This message indicates the risk of attacks.

Recommended action

1.     Verify that the learned ARP entries on the device are consistent with the existing legal devices. When gateways and servers are on the network, check the ARP entries for these devices first.

2.     If the ARP entries are correct and the attack continues, contact H3C Support.

 

ARP_ACTIVE_ACK_NOREQUESTED_REPLY

Message text

Interface [STRING] received from IP [STRING] an ARP reply that was not requested by the device.

Variable fields

$1: Interface name.

$2: IP address.

Severity level

6

Example

ARP/6/ARP_ACTIVE_ACK_NOREQUESTED_REPLY: Interface Ethernet0/1/0 received from IP 192.168.10.1 an ARP reply that was not requested by the device.

Explanation

The ARP active acknowledgement feature received an unsolicited ARP reply from a sender IP.

This message indicates the risk of attacks.

Recommended action

No action is required. The device discards the ARP reply automatically.

 

ARP_BINDRULETOHW_FAILED

Message text

Failed to download binding rule to hardware on the interface [STRING], SrcIP [IPADDR], SrcMAC [MAC], VLAN [UINT16], Gateway MAC [MAC].

Variable fields

$1: Interface name.

$2: Source IP address.

$3: Source MAC address.

$4: VLAN ID.

$5: Gateway MAC address.

Severity level

5

Example

ARP/5/ARP_BINDRULETOHW_FAILED: Failed to download binding rule to hardware on the interface Ethernet1/0/1, SrcIP 1.1.1.132, SrcMAC 0015-E944-A947, VLAN 1, Gateway MAC 00A1-B812-1108.

Explanation

The system failed to set a binding rule to the hardware on an interface. The message is sent in any of the following situations:

·     The resources are not sufficient for the operation.

·     The memory is not sufficient for the operation.

·     A hardware error occurs.

Recommended action

To resolve the problem:

1.     Execute the display qos-acl resource command to check if the ACL resources for the operation are sufficient.

¡     If yes, proceed to step 2.

¡     If no, delete unnecessary configuration to release ACL resources. If no configuration can be deleted, proceed to step 2.

2.     Execute the display memory command to check if the memory for the operation is sufficient.

¡     If yes, proceed to step 3.

¡     If no, delete unnecessary configuration to release memory. If no configuration can be deleted, proceed to step 3.

3.     Delete the configuration and perform the operation again.

 

ARP_DYNAMIC

Message text

The maximum number of dynamic ARP entries for the device reached.

Variable fields

N/A

Severity level

6

Example

The maximum number of dynamic ARP entries for the device reached.

Explanation

This message is displayed when the maximum number of dynamic ARP entries on the device is reached.

Recommended action

No action is required.

 

ARP_DYNAMIC_IF

Message text

The maximum number of dynamic ARP entries for interface [STRING] reached.

Variable fields

$1: Interface name.

Severity level

6

Example

The maximum number of dynamic ARP entries for interface GigabitEthernet3/0/1 reached.

Explanation

This message is displayed when maximum number of dynamic ARP entries on an interface is reached.

Recommended action

No action is required.

 

ARP_DYNAMIC_SLOT

Message text

The maximum number of dynamic ARP entries for [STRING] reached.

Variable fields

$1: Slot number (in standalone mode) or chassis number and slot number (in IRF mode).

Severity level

6

Example

The maximum number of dynamic ARP entries for slot 2 reached.

The maximum number of dynamic ARP entries for chassis 1 slot 2 reached.

Explanation

This message is displayed when the maximum number of dynamic ARP entries on a slot is reached.

Recommended action

No action is required.

 

ARP_HOST_IP_CONFLICT

Message text

The host [STRING] connected to interface [STRING] cannot communicate correctly, because it uses the same IP address as the host connected to interface [STRING].

Variable fields

$1: IP address.

$2: Interface name.

$3: Interface name.

Severity level

4

Example

ARP/4/ARP_HOST_IP_CONFLICT: The host 1.1.1.1 connected to interface GigabitEthernet1/0/1 cannot communicate correctly, because it uses the same IP address as the host connected to interface GigabitEthernet1/0/2.

Explanation

The sender IP address in a received ARP message conflicted with the IP address of a host connected to another interface.

Recommended action

Check whether the hosts that send the ARP messages are legitimate. Disconnect the illegal host from the network.

 

ARP_RATE_EXCEEDED

Message text

The ARP packet rate ([UINT32] pps) exceeded the rate limit ([UINT32] pps) on interface [STRING] in the last [UINT32] seconds.

Variable fields

$1: ARP packet rate.

$2: ARP limit rate.

$3: Interface name.

$4: Interval time.

Severity level

4

Example

ARP/4/ARP_RATE_EXCEEDED: The ARP packet rate (100 pps) exceeded the rate limit (80 pps) on interface Ethernet0/1/0 in the last 10 seconds.

Explanation

An interface received ARP messages at a higher rate than the rate limit.

Recommended action

Verify that the hosts at the sender IP addresses are legitimate.

 

ARP_SENDER_IP_INVALID

Message text

Sender IP [STRING] was not on the same network as the receiving interface [STRING].

Variable fields

$1: IP address.

$2: Interface name.

Severity level

6

Example

ARP/6/ARP_SENDER_IP_INVALID: Sender IP 192.168.10.2 was not on the same network as the receiving interface Ethernet0/1/0.

Explanation

The sender IP of a received ARP message was not on the same network as the receiving interface.

Recommended action

Verify that the host at the sender IP address is legitimate.

 

ARP_SENDER_MAC_INVALID

Message text

Sender MAC [STRING] was not identical to Ethernet source MAC [STRING] on interface [STRING].

Variable fields

$1: MAC address.

$2: MAC address.

$3: Interface name.

Severity level

6

Example

ARP/6/ARP_SENDER_MAC_INVALID: Sender MAC 0000-5E14-0E00 was not identical to Ethernet source MAC 0000-5C14-0E00 on interface Ethernet0/1/0.

Explanation

An interface received an ARP message. The sender MAC address in the message body was not identical to the source MAC address in the Ethernet header.

Recommended action

Verify that the host at the sender MAC address is legitimate.

 

ARP_SRC_MAC_FOUND_ATTACK

Message text

An attack from MAC [STRING] was detected on interface [STRING].

Variable fields

$1: MAC address.

$2: Interface name.

Severity level

6

Example

ARP/6/ARP_SRC_MAC_FOUND_ATTACK: An attack from MAC 0000-5E14-0E00 was detected on interface Ethernet0/1/0.

Explanation

The source MAC-based ARP attack detection feature received more ARP packets from the same MAC address within 5 seconds than the specified threshold.

This message indicates the risk of attacks.

Recommended action

Verify that the host at the source MAC address is legitimate.

 

ARP_TARGET_IP_INVALID

Message text

Target IP [STRING] was not the IP of the receiving interface [STRING].

Variable fields

$1: IP address.

$2: Interface name.

Severity level

6

Example

ARP/6/ARP_TARGET_IP_INVALID: Target IP 192.168.10.2 was not the IP of the receiving interface Ethernet0/1/0.

Explanation

The target IP address of a received ARP message was not the IP address of the receiving interface.

Recommended action

Verify that the host at the sender IP address is legitimate.

 

DUPIFIP

Message text

Duplicate address [STRING] on interface [STRING], sourced from [STRING].

Variable fields

$1: IP address.

$2: Interface name.

$3: MAC Address.

Severity level

6

Example

ARP/6/DUPIFIP: Duplicate address 1.1.1.1 on interface Ethernet1/1/1, sourced from 0015-E944-A947.

Explanation

ARP detected a duplicate address.

The sender IP in the received ARP packet was being used by the receiving interface.

Recommended action

Modify the IP address configuration.

 

DUPIP

Message text

IP address [STRING] conflicted with global or imported IP address, sourced from [STRING].

Variable fields

$1: IP address.

$2: MAC Address.

Severity level

6

Example

ARP/6/DUPIP: IP address 30.1.1.1 conflicted with global or imported IP address, sourced from 0000-0000-0001.

Explanation

The sender IP address of the received ARP packet conflicted with the global or imported IP address.

Recommended action

Modify the IP address configuration.

 

DUPVRRPIP

Message text

IP address [STRING] conflicted with VRRP virtual IP address on interface [STRING], sourced from [STRING].

Variable fields

$1: IP address.

$2: Interface name.

$3: MAC address.

Severity level

6

Example

ARP/6/DUPVRRPIP: IP address 1.1.1.1 conflicted with VRRP virtual IP address on interface Ethernet1/1/1, sourced from 0015-E944-A947.

Explanation

The sender IP address of the received ARP packet conflicted with the VRRP virtual IP address.

Recommended action

Modify the IP address configuration.

 

 

ASPF messages

This section contains ASPF messages.

ASPF_IPV4_DNS

Message text

SrcIPAddr(1003)=[IPADDR];DstIPAddr(1007)=[IPADDR];RcvVPNInstance(1042)=[STRING];RcvDSLiteTunnelPeer(1040)=[STRING];DomainName(1099)=[STRING];Action(1053)=[STRING];Reason(1056)=[STRING].

Variable fields

$1: Source IPv4 address.

$2: Destination IPv4 address.

$3: VPN instance name.

$4: Local address of a DS-Lite tunnel.

$5: Domain name.

$6: Action on the detected illegal packets:

·     drop—Drops illegal packets.

·     logging—Generates log messages.

·     none—Does not process the packets and allows illegal packets to pass.

$7: Reason why the message was generated:

·     Invalid DNS RR.

·     Failed to check DNS header flag.

·     Failed to check DNS header ID.

Severity level

6

Example

ASPF/6/ASPF_IPV4_DNS:SrcIPAddr(1003)=1.1.1.3;DstIPAddr(1007)=2.1.1.2;RcvVPNInstance(1042)=vpn;RcvDSLiteTunnelPeer(1040)=dstunnel1;DomainName(1099)=www.h3c.com;Action(1053)=drop,logging;Reason(1056)=Check DNS RR invalid.

Explanation

ASPF inspection for DNS is configured. The device takes a specific action on IPv4 packets that are determined to be illegal for a reason.

Recommended action

No action is required.

 

ASPF_IPV6_DNS

Message text

SrcIPv6Addr(1036)=[IPADDR];DstIPv6Addr(1037)=[IPADDR];RcvVPNInstance(1042)=[STRING];DomainName(1099)=[STRING];Action(1053)=[STRING];Reason(1056)=[STRING].

Variable fields

$1: Source IPv6 address.

$2: Destination IPv6 address.

$3: VPN instance name.

$4: Domain name.

$5: Action on the detected illegal packets:

·     drop—Drops illegal packets.

·     logging—Generates log messages.

·     none—Does not process the packet and allows illegal packets to pass.

$6: Reason why the message was generated:

·     Invalid DNS RR.

·     Failed to check DNS header flag.

·     Failed to check DNS header ID.

Severity level

6

Example

ASPF/6/ASPF_IPV6_DNS:SrcIPv6Addr(1036)=2001::1;DstIPv6Addr(1037)=3001::1;RcvVPNInstance(1042)=vpn;DomainName(1099)=www.h3c.com;Action(1053)=drop,logging;Reason(1056)=Check DNS RR invalid.

Explanation

ASPF inspection for DNS is configured. The device takes a specific action on IPv6 packets that are determined to be illegal for a reason.

Recommended action

No action is required.

 

 

ATK messages

This section contains attack detection and prevention messages.

ATK_ICMP_ADDRMASK_REQ

Message text

IcmpType(1062)=[UINT32];RcvIfName(1023)=[STRING];SrcIPAddr(1003)=[IPADDR];SndDSLiteTunnelPeer(1041)=[STRING];DstIPAddr(1007)=[IPADDR];RcvVPNInstance(1042)=[STRING];Action(1053)=[STRING];BeginTime_c(1011)=[STRING];EndTime_c(1012)=[STRING];AtkTimes(1054)=[UINT32].

Variable fields

$1: ICMP message type.

$2: Receiving interface name.

$3: Source IP address.

$4: IP address of the peer DS-Lite tunnel interface.

$5: Destination IP address.

$6: Name of the receiving VPN instance.

$7: Actions against the attack.

$8: Start time of the attack.

$9: End time of the attack.

$10: Attack times.

Severity level

5

Example

ATK/5/ATK_ICMP_ADDRMASK_REQ:IcmpType(1062)=17;RcvIfName(1023)=Ethernet0/0/2;SrcIPAddr(1003)=9.1.1.1;SndDSLiteTunnelPeer(1041)=--;DstIPAddr(1007)=6.1.1.1;RcvVPNInstance(1042)=;Action(1053)=logging;BeginTime_c(1011)=20131011091319;EndTime_c(1012)=20131011091819;AtkTimes(1054)=2.

Explanation

This message is sent when ICMP address mask request logs are aggregated.

Recommended action