A NS208 in 5.3.0r6.0 version is sending syslog messages that contain non-numeric characters in its receive and send fields. It occurs when the session volume becomes greater than 99,999 in transmission or reception.
Did anyone know this behaviour ? Is this a known failure? Is this correct in a later version later? If yes, which one?
Below are examples of those syslog message presenting the anomaly :
Mar 4 02:00:34 203.0.58.2 FW_444440_01_STR_SERBER E: NetScreen device_id=FW_444440_01_STR_SERBERE [Root]system-n otification- 00257(traffic): start_time="2009-03-04 02:00:09" duration=24 policy_id=1291 service=tcp/port:445 proto=6 src zo ne=DMZ dst zone=Untrust action=Permit sent=v70328 rcvd=R75596 src=203.0.57.183 dst=203.0.50.187 src_port=1054 ds t_port=445 src- xlated ip=203.0.57.183 port=1054 dst-xlated ip=203 .0.50.187 port=445 session_id=44320
Mar 4 02:06:02 203.0.58.2 FW_444440_01_STR_SERBER E: NetScreen device_id=FW_444440_01_STR_SERBERE [Root]system-n otification- 00257(traffic): start_time="2009-03-04 02:00:02" d uration=359 policy_id=999 service=ftp proto=6 src zone=Trust d st zone=Untrust action=Permit sent=D05806 rcvd=·26527 src=203.0.54 .223 dst=10.44.36.253 src_port=58188 dst_port=21 src-xl ated ip=203.0.54.223 port=58188 dst-xlated ip=10.44.36. 253 port=21 session_id=46143
Mar 4 02:27:44 203.0.58.2 FW_444440_01_STR_SERBER E: NetScreen device_id=FW_444440_01_STR_SERBERE [Root]system-n otification- 00257(traffic): start_time="2009-03-04 01:38:54" d uration=2929 policy_id=964 service=NETBIOS (SSN) proto=6 src zo ne=sgt-bur dst zone=Untrust action=Permit sent=r88384 rcvd=½88803 src=203.0.59.139 dst=150.0.204.11 src_port=2324 ds t_port=139 src- xlated ip=203.0.59.139 port=2324 dst-xlated ip=150 .0.204.11 port=139 session_id=62883
Thanks for the help!