FTP byte values in syslog not matched with file size



  • Hi,

    FTP transaction data (sent & rcvd ) values in the Syslog is low when i compare the dowloaded file size. Please clarify , if i missed any configirations on my SSG-550,

    **  Policy defined in SSG-550**
                From ‘PrivateCustomer’ Zone to ‘Untrust’ zone, from ‘88.151.xxx.xxx/24’ Range to ‘ANY’, protocol FTP is ALLOWED, Logging Enabled. And  placed this rule at the top of the Firewall Rule List.

    Then i tried to FTP 10MB file,

    <133>SSG550: NetScreen device_id=SSG550  [Root]system-notification-00257(traffic): start_time=“2011-04-29 14:45:22” duration=87 policy_id=266 service=ftp proto=6 src zone=privateCustomer dst zone=Untrust action=Permit sent=939 rcvd=1209 src=88.151.xxx.xx dst=200.xxx.xxx.xxx src_port=2401 dst_port=21 src-xlated ip=88.151.31.160 port=2401 dst-xlated ip=200.27.3.23 port=21 session_id=210425 reason=Close - TCP FIN

    Thanks,
    Saran



  • FTP uses a data and a control channel (session).


 

26
Online

38.4k
Users

12.7k
Topics

44.5k
Posts